CSIRT analyst

Job description

Position Description:

Job Description
As member of CIB EMEA Cyberdefense (domain of Cybersecurity), the L2 Computer Security Incident Response (CSIRT) Analyst plays an essential role, focusing on the response and investigation of cybersecurity incidents, including DLP. This role is crucial for quicky addressing alerts, conducting analysis and escalating to L3 CSIRT analyst the sensitive/most critical cases.

Diversity brings a variety of ideas, perspectives and experiences to the workplace and creates a positive environment where everyone has the opportunity to thrive.
We are committed to enhancing and increasing diversity, equity and inclusion in academia and the technology workforce. We collaborate closely with clients and our professionals to empower people with disabilities and provide equal opportunities for all.

Your future duties and responsibilities:

• Handling of cyber-investigations provided by CyberSOC use-cases and DLP detection systems;
• Analyze the effectiveness of existing DLP controls and continuously seek improvement in technical/functional and process;
• Contribute to CyberSOC use-case development and optimization;
• Monitor DLP related events, conduct investigations and respond to data leakage incidents according to internal procedures (including interviews with key contributors, i.e. HR, Procurement, DPO, …);
• Develop and enhance data protection policies and rules across the various systems, manage exceptions;
• Respond to and facilitating eDiscovery requests from IT S;
• Maintain accurate and detailed records of incidents in the group GRC toolecurity, HR, Legal and Compliance;
• Assist in governance by delivering the details reports and KPIs;
• Contribute to cybersecurity governance, including the delivering reports and KPI related to the activity, including PCC;
• Quick escalate complex incident to Level 3 CSIRT Analysts, ensuring that all relevant data and preliminary findings are accurately communicated to facilitate further analysis;
• Contribute to industrialization/formalization of Cyber Defense processes and effectiveness;
• Provide analysis and expertise on cyber-incidents, including root-cause by identifying preventive measures.

Required qualifications to be successful in this role:

Technical skills:

• Event & Incident monitoring and response (identify, alert and contain);
• Cybersecurity (general knowledge in logs analysis, general knowledge regarding endpoints security (e.g.: EDR solution));
• Scripting language (Python);
• Protocol knowledge (HTTP, SMTP…);
• SIEM (Security Information Event Monitoring);
• SOAR (Security Orchestration, Automation and Response);
• DLP (Data Loss Prevention).

Language skills:

• Fluency in English (both written and spoken) is mandatory.

Soft skills:

• Proactivity / Critical thinking;
• Decision making;
• Resilience;
• Ability to collaborate / teamwork;
• Creativity & innovation / Problem solving.

Skills:

·  English

What you can expect from us:

Together, as owners, let’s turn meaningful insights into action.

Life at CGI is rooted in ownership, teamwork, respect and belonging. Here, you’ll reach your full potential because…

You are invited to be an owner from day 1 as we work together to bring our Dream to life. That’s why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our company’s strategy and direction.

Your work creates value. You’ll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas, embrace new opportunities, and benefit from expansive industry and technology expertise.

You’ll shape your career by joining a company built to grow and last. You’ll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons.

Come join our team—one of the largest IT and business consulting services firms in the world.