Infrastructure Security Analyst

Infrastructure Security Analyst

Job Summary:

The Infrastructure Security Analyst is responsible for ensuring the security and integrity of the saint-gobain local infrastructure. This role involves analyzing, implementing, and maintaining security measures across networks, applications, and systems, while supporting cybersecurity initiatives and compliance efforts. The analyst will collaborate with cross-functional teams to integrate security into projects, manage suppliers, and contribute to incident response and disaster recovery planning.

Key Responsibilities:

Infrastructure & Network Security

• Monitor and assess vulnerabilities across infrastructure components.
• Ensure proper configuration and operation of firewalls, SIEM, EDR, AD, and MDM systems.
• Maintain secure network protocols and device configurations.

Application Security

• Implement encryption, access control, and vulnerability management practices.

Project Integration & Supplier Management

• Integrate cybersecurity requirements into project lifecycles.
• Apply ISO27001 standards in supplier evaluations and risk assessments.

Security Reporting & Awareness Communication

• Support the preparation of monthly security reports and dashboards
• Lead or contribute to monthly cybersecurity talks .
• Collaborate with local IT teams to followup security indicators.

Incident Management & Response

• Support identification and analysis of malware, trojans, worms, and other threats.
• Assist in ITIL-based incident handling and escalation procedures.

Compliance & Process Development

• Draft and maintain security procedures and documentation.
• Develop scripts to automate compliance checks and reporting.

Awareness & Training

• Lead phishing awareness campaigns and cybersecurity communications.
• Support local IT teams in promoting security best practices.

Continuity & Disaster Recovery

• Assist senior analysts in Business Impact Analysis (BIA).
• Participate in disaster recovery testing and planning.

Industrial Systems Security

• Learn and support security practices for industrial control systems.

Required Skills & Qualifications:

Hard Skills

• Mandatory:

   Network fundamentals, application security, project integration, supplier management, compliance (ISO27001), scripting, procedure writing.

• Nice to Have:

   Infrastructure security tools (SIEM, EDR, AD), incident management, ITIL, creative problem-solving.

• Willing to Learn:

   Industrial systems security, awareness campaigns, disaster recovery planning.

Soft Skills

• Strong team spirit and collaboration.
• Clear and effective communication.
• Supportive mindset and proactive attitude.
• Creative and analytical thinking.
• work in multicultural environnment

Preferred Certifications (Optional):

• ISO27001 Foundation or Lead Implementer
• CompTIA Security+, CISSP, or equivalent
• ITIL Foundation