Overview:
Role: SOC Analyst
Client: Global Integrator Company (end client: French government)
Location: Paris (near Orly Airport)
Remote: On site (5 days per week)
TJM: 750 EUR
Contract Length: 12-month mission (possible extension)
Start date: ASAP
Our client supports companies and organizations through their digital transformation. With 28,500 employees worldwide, they combine global presence with a local approach to design new business models with clients and unlock their full potential.
Duties involve:
- Level 3 mainly deals with the treatment of sensitive issues and only intervenes on issues that cannot be handled by Level 2 experts alone.
- Level 3 will be responsible for developing the SIEM platform both in terms of performance and improving rules and correlation.
- Level 3 participates fully in the continuous improvement process by implementing everything that may be necessary (must be in the context of the French Government)
- new threats identified by the monitoring teams, etc.
- It may call on third parties if necessary (publishers, lawyers, CERTs, CSIRTs, etc.).
The Level 3 (N3) workload is distributed on average as follows:
- 50% of the time on threat hunting: observing FP logs in order to propose improvements and detections; identifying remarkable elements in order to target them; research and exchanges (with other teams, the client, the business, etc.) in order to contextualize them; and, for each successful search, managing the treatment.
- 25% of the time supporting the L1 & L2 analysts: support in the treatment of the alarms implemented, in-depth investigation, improvement of the processes and of the existing rules, etc.
- 25% of the time on managing the implementation of change & support for committees.
Technologies Required:
- SIEM technologies: QRadar
- SOAR: Palo Alto
You can intervene during non-working hours with the on-call option. The rules of labor law imply compensatory rest.
The client is currently holding interviews this week and next week, so if the position is of any interest to you, please could you provide me with an updated copy of your CV and your availability to speak: elvis.dosu(at)glocomms.com / +44 20 3375 8271
