Threat Intelligence Lead

Job Purpose/Summary:

The Identify Service Line is responsible for identifying, assessing and analyzing all of the cyber threats and vulnerabilities that can affect the Group. This Service Line is composed of three main activities:

• Cyber Threat Intelligence (CTI)

• Vulnerability Assessment

• Sandboxing

You will be hierarchically attached to the IT Manager responsible of the CyberSOC team based in India and will daily refer to the Identify Service Line Team Leader based in India and the Identify Service Line Manager based in France.

Key Responsibilities:

The Cyber Threat Intelligence Analyst will be in charge of delivering these three services:

• Collect, analyze and exploit customized outputs from our Cyber Threat Intelligence partner and open-source intelligence to anticipate emerging cyber threats and get knowledge on threat actors, tactics, techniques and procedures:

- Performs cyber threat hunting on Indicators of Compromise (IoCs) through our security tools (EDR, SIEM, SOAR, etc.) to detect prior compromise.

- Ask for blocking IoCs in anticipation in our different security tools (EDR, Antivirus, Proxies, Email Protection solution, etc.).

• Communicate on vulnerabilities related to the software used in the Company

• Update on a regular basis our software inventory in the scope of Vulnerability Assessment Service.

• Analyze on request the maliciousness of packages and files in our sandbox and formalize synthesis.

• Produce and communicate monthly KPIs on each activity

Key Performance Indicators:

The Cyber Threat Intelligence Analyst will be in charge of delivering these three services:

• Collect, analyze and exploit customized outputs from our Cyber Threat Intelligence partner and open-source intelligence to anticipate emerging cyber threats and get knowledge on threat actors, tactics, techniques and procedures:

- Performs cyber threat hunting on Indicators of Compromise (IoCs) through our security tools (EDR, SIEM, SOAR, etc.) to detect prior compromise.

- Ask for blocking IoCs in anticipation in our different security tools (EDR, Antivirus, Proxies, Email Protection solution, etc.).

• Update on a regular basis our software inventory in the scope of Vulnerability Assessment Service.

• Analyze on request the maliciousness of packages and files in our sandbox and formalize synthesis.

• Produce and communicate monthly KPIs on each activity

Qualificaton:

• Bachelor’s Degree in Computer Engineering, Information Technology or any relevant certifications.

• Experience in investigating and reporting on cyber-attacks.

• Ability to demonstrate comprehensive, practical knowledge of research/collection skills and analytic methods.

• Strong technical skills with an interest in open source intelligence investigations and malware analysis.

• In-depth knowledge of security tools such as SIEM, IDS/IPS, web proxies, SIEM and firewalls.

• Team-oriented and skilled in working within a collaborative environment and with other Service Lines.

• Good sense of priorities and good sense of initiative.

• Rigorous and autonomous.

• Excellent writing skills in English and ability to communicate complicate technical challenges in a business language to a range of stakeholders.

Functional Skills/Competencies:

• Bachelor’s Degree in Computer Engineering, Information Technology or any relevant certifications.

• Experience in investigating and reporting on cyber-attacks.

• Ability to demonstrate comprehensive, practical knowledge of research/collection skills and analytic methods.

• Strong technical skills with an interest in open source intelligence investigations and malware analysis.

• In-depth knowledge of security tools such as SIEM, IDS/IPS, web proxies, SIEM and firewalls.

• Team-oriented and skilled in working within a collaborative environment and with other Service Lines.

• Good sense of priorities and good sense of initiative.

• Rigorous and autonomous.

• Excellent writing skills in English and ability to communicate complicate technical challenges in a business language to a range of stakeholders.

Behavioral Skills/Competencies:

• Bachelor’s Degree in Computer Engineering, Information Technology or any relevant certifications.

• Experience in investigating and reporting on cyber-attacks.

• Ability to demonstrate comprehensive, practical knowledge of research/collection skills and analytic methods.

• Strong technical skills with an interest in open source intelligence investigations and malware analysis.

• In-depth knowledge of security tools such as SIEM, IDS/IPS, web proxies, SIEM and firewalls.

• Team-oriented and skilled in working within a collaborative environment and with other Service Lines.

• Good sense of priorities and good sense of initiative.

• Rigorous and autonomous.

• Excellent writing skills in English and ability to communicate complicate technical challenges in a business language to a range of stakeholders.