Principal Duties and Responsibilities
Detect and respond to IS/IT cybersecurity incidents within our global corporate landscape, on any environment (development, integration, production) and on any site (Office, R&D, Plants, Datacenters, etc.)
Operate on all necessary technologies to detect and respond to IS/IT cybersecurity incidents (in particular but not limited to our SIEM)
Execute incident response plans, including triage, root cause analysis, remediation and closure (in order to prevent future occurrences or further limit their impact)
Request necessary actions and follow up on their execution with any other necessary contact, either within the Group or outside (e.g. partners)
Mentor and provide guidance to IT colleagues with regard to response best practices
Identify and execute projects aiming at improving our intrusion detection and response capabilities
Produce or enhance all necessary documentation such as knowledge bases, incident response procedures, investigation & remediation workflows – automation, context and orchestration as code. Ensure that applicable procedures are observed permanently or otherwise suggest updates when necessary
Be part of Faurecia’s first line of defense. We handle active security events and cutting-edge threats from a variety of sources; you may be part of a 24/7 on-duty rotation and contribute to a cybersecurity crisis operation cell
Provide or contribute to proper reporting and metrics in order to measure the efficiency of our cybersecurity incident response resources
Ensure continuous improvement through continuous analysis of recurring incident trends
The ideal candidate will have/be:
Education and experience
“Cyber Security” relevant University degree
3 – 5 years of experience in the field of Cyber Security
Basic understanding and experience in IS/IT Security Incident Response and associated best practices
Experience in identifying, analyzing, scoping, isolating and eradicating malware or any other hacking threats
Understanding of the current threat landscape and adversary tactics, techniques and procedures
Knowledge of enterprise-scale security technologies and capabilities including SIEM, incident management (MISP), threat intelligence, full packet capture, protocol analysis/NetFlow usage, network and system monitoring and logging, malware analysis, Endpoint Detection & Response (EDR), firewalling / network filtering, IDS/IPS
Capacity to understand, design and enhance incident response processes