Security Engineer - Triage

Security Engineer - Triage - - - - - - - - - - - - Key Responsibilities: 1. Service Delivery Manager (SDM) - 70% The primary responsibility of the SDM is to ensure the efficient functioning of the incident response process within CERT, ensuring that attacks are detected and contained. Key duties include: Monitoring security alerts raised through various channels. Understanding incidents, assessing their criticality and priority. Creating or modifying tickets and assigning them to analysts. Tracking ticket resolution to ensure closure in compliance with SLAs. Maintaining constant communication with global CERT teams (France, Americas, India, and China) and other stakeholders (e.g., DOTI, DOMF). Consolidating and publishing statistics/figures related to incidents handled by CERT and other stakeholders. This includes: Verifying SLA compliance, especially for priority 1 incidents. Quantifying the number of incidents handled by CERT based on various analytical axes. Analyzing SLAs, proposing improvement actions, and following up on their implementation. Keeping the following documentation updated: Skills matrix for ticket orientation. Analyst access management. Decision trees for incident routing. 2. Additional Activities - 30% Depending on their expertise, the triager may be assigned occasional missions within the team, such as: Development projects. Security incident response tasks. Experience and Skills Required: 5- 10 years of experience in the IT security domain, with a background in IT development or DevOps. Proven ability to maintain confidentiality and discretion in handling sensitive information. Extensive experience with incident management and familiarity with SIEM tools. Strong collaboration skills, with the ability to work effectively in a global team environment. Behavior skills Exceptional organizational and analytical skills. Ability to work in a fast-paced environment while maintaining attention to detail. Strong communication and interpersonal skills to liaise with global teams and stakeholders. Proactive mindset with a commitment to continuous improvement in incident management processes. Availability Information: The role operates on a follow-the-sun model , requiring collaboration with the global Group CERT team. Analysts must operate 5 days from the office and be available on a rotation basis for the Weekend support from office.