Job Description

Security Engineer - Triage
-
Key Responsibilities:
1. Service Delivery Manager (SDM) - 70% The primary responsibility of the SDM is to ensure the efficient functioning of the incident response process within CERT, ensuring that attacks are detected and contained. Key duties include:

• Monitoring security alerts raised through various channels.
• Understanding incidents, assessing their criticality and priority.
• Creating or modifying tickets and assigning them to analysts.
• Tracking ticket resolution to ensure closure in compliance with SLAs.
• Maintaining constant communication with global CERT teams (France, Americas, India, and China) and other stakeholders (e.g., DOTI, DOMF).
• Consolidating and publishing statistics/figures related to incidents handled by CERT and other stakeholders. This includes:

• Verifying SLA compliance, especially for priority 1 incidents.
• Quantifying the number of incidents handled by CERT based on various analytical axes.
• Analyzing SLAs, proposing improvement actions, and following up on their implementation.
• Keeping the following documentation updated:

• Skills matrix for ticket orientation.
• Analyst access management.
• Decision trees for incident routing.

2. Additional Activities - 30% Depending on their expertise, the triager may be assigned occasional missions within the team, such as:

• Development projects.
• Security incident response tasks.

Experience and Skills Required:

• 5- 10 years of experience in the IT security domain, with a background in IT development or DevOps.
• Proven ability to maintain confidentiality and discretion in handling sensitive information.
• Extensive experience with incident management and familiarity with SIEM tools.
• Strong collaboration skills, with the ability to work effectively in a global team environment.

Behavior skills

• Exceptional organizational and analytical skills.
• Ability to work in a fast-paced environment while maintaining attention to detail.
• Strong communication and interpersonal skills to liaise with global teams and stakeholders.
• Proactive mindset with a commitment to continuous improvement in incident management processes.

Availability Information:
The role operates on a follow-the-sun model, requiring collaboration with the global Group CERT team. Analysts must operate 5 days from the office and be available on a rotation basis for the Weekend support from office.

Skills Required