Security Incident Response Expert

Job title:

Security Incident Response Expert

Company:

AXA

Job description

Company statement
With over 102 million customers in 56 countries, AXA’s strong global franchises and three lines of expertise – Property & Casualty, Life & Savings and Asset Management – provide a distinctive business portfolio. As a company whose business is to protect people, we have a responsibility to leverage our skills, resources and risk expertise to build a stronger and safer society. To achieve our mission, we are committed to redefining the standards of our business so that we truly differentiate ourselves and earn the trust of our key stakeholders. AXA is setting up a Group Security practice in order to reinforce its short-term risk reduction strategy, aligned with AXA strategy & culture and based on the industry standards.
Business unit statement
To support our business strategy and digital transformation, AXA is enlarging its Cyber Defense team to ensure a coordinated response to the increasing cyber security threat, enable risk decisions to be made consistently across the organization and establish sustainable security capabilities that are integrated with the business. Our vision for Cyber Security is to ‘protect our stakeholders by securing our information assets, managing our cyber risk and enabling business strategies in an efficient and effective way, fully supported by executive leadership and underpinned by all AXA employees’.
Job purpose
✓ Digital Forensics and Incident Response (DFIR) activities including assessment, analysis, categorization, classification, and investigation of cybersecurity incidents
✓ Manage cybersecurity incidents to ensure timely containment and risk mitigation engaging with operational teams and leadership as required and according to Security Incident Management Processes
✓ Handle potential high severity incidents autonomously during non-working hours (on rotational on-call basis)
✓ Collect, document and analyze evidence as part of the digital forensics capability of CyberDefense and AXA CERT
✓ Follow up on security incident resolution and track updates in the ticketing tool
✓ Notify and communicate to relevant stakeholders including Group and entity CISO/CSO’s
✓ Support SOC Security Analysts and an international network of local security incident handlers from AXA entities
✓ Perform lessons learned activities, e.g. security incident reviews, post mortem documentation
✓ Contribute to the improvement of the DFIR capability including development and integration of open source and commercial tools in a dedicated forensic lab
✓ Contribute to threat hunting activity proactively and in the context of high severity incidents
✓ Participate in use case development and SIEM rules threshold tuning
✓ Act as a mentor to more junior Security Incident Response Specialists, support and supervise them, ensure knowledge transfer within the team
✓ Professional communications and reporting to SOC stakeholders and customers
✓ Participate in exchanges with national and international CERT/CSIRT communities
Key responsibilities – accountabilities
✓ Security Incident Response Expert according to Security Incident Management Processes
✓ Security Incident Reports and Lessons Learned
✓ Communication to stakeholders
✓ Security Incident Response documentation
✓ Collect and document data from a variety of sources to assist incident response actions
✓ Coordination with other teams for effective incident response
✓ Mentor and guide the more junior Incident, Forensics & Threat Intelligence Manager
✓ Coordinate complex security incident responses that require deeper background knowledge
✓ Provide leadership, guidance and deep technical expertise to deliver professional services to customers
✓ Continually maintain and improve technical capabilities through individual development activities
Important
Required soft skills & behavioral competencies
Leadership
✓ Creates an environment for developing and fostering leadership excellence
✓ Effectively communicates the group vision and goals and the benefits in achieving the strategy
✓ Recognizes potential leaders and provides them with challenging assignments/stretch goals
✓ Takes calculated risks in decision-making and seeks inputs from the team / stakeholders for the same
✓ Creates mechanisms to recognize individual/group contribution & achievements
✓ Can effectively mentor others to acquire this competency
Strategic Thinking
✓ Articulates a vision, develops organizational goals and strategies
✓ Maintains a wider perspective, aligns actions and contributes to the enhancement of overall organizational strategy including outputs from benchmarking activities and reviews
✓ Understands and articulates the projected direction of the organization and how changes to it might impact the group
✓ Is aware of the trends in the external environment and key differentiators vis-a-vis competition and uses this information to anticipate how these changes would impact the organization
Problem solving
✓ Recommends solutions relevant to the complexity, scope, risk and magnitude of the problem
Planning
✓ Plans up to 2-5 years ahead (particularly when preparing budgets and resource requirements), in accordance with the project/program portfolio to ensure its successful delivery
✓ Provides input into planning and prioritization of project activities
✓ Required to analyze and critically evaluate information as well as formulate plans based on multiple sources of information
✓ Forward planning required, e.g. target setting and forecasting trends
✓ Ability to manage action plans, review progress and make adjustments where required
Decision making
✓ Advises on decisions regarding strategy, policy, and structures
✓ Quick to assimilate and integrate new information for informed decision making
✓ Monitor changes in the operating environment, quick to act upon potential opportunities
✓ Able to quickly evaluate a situation or issue and take the initiative within limits of authority
Coaching and Mentoring
✓ Coaching: The process of assisting individuals to set goals, then supporting the execution of the goals through establishing strategy and providing feedback, insight and guidance to enable the individual to reach their fullest potential
✓ Mentoring: The process in which an experienced colleague is assigned to an inexperienced individual and assists in a training and development or general support role
Interpersonal skills
✓ Assertiveness, empathy, active listening
✓ Oral communication, persuasive skills
Qualifications
Education
✓ Bachelor's degree in Computer Science or Information Security would be desirable but is not essential
Certification
✓ GIAC GCIH (SANS SEC504), GIAC GCFA (SANS FOR508)
✓ Strongly preferred: GIAC GDAT (SANS SEC599), GIAC GNFA (SANS FOR572), GIAC GCFE (SANS FOR408), GIAC GCIA (SANS SEC503), GIAC GREM (SANS FOR610)
✓ Preferred: Security infrastructure certifications
✓ Preferred: ITIL foundation
✓ Preferred: Offensive security certification (OSCP, SEC560, CEH)
Overall work experience in the field
✓ Demonstrated experience in performing Information security incident analysis and response
4 years
✓ Demonstrated experience in SOC/CSIRT
3 years
✓ Demonstrated experience in network / security infrastructure administration
2 years
✓ Demonstrated experience in Linux/Windows administration
1 year
✓ Demonstrated experience in large and complex organisation(s)
3 years
✓ Demonstrated experience in usage of ticketing tools
✓ Demonstrated on-the-job experience with any of the standard commercial SIEM tools
Technical Skills / abilities
✓ Ability to identify risks, threats, vulnerabilities and associated attacks that might involve: malicious code, protocol/design/configuration flaws…
✓ Strong troubleshooting and analytical skills
✓ Understanding the Internet and detailed knowledge of network protocols (Ethernet, 802.11.X, IP, ICMP, TCP, UDP…)
✓ Knowledge of application/services related protocols (DNS, SMTP, HTTP, FTP…)
✓ Knowledge of network infrastructure elements and architecture (Firewall, Proxy, IPS, WAF…)
✓ Knowledge of current security vulnerabilities and related attack methodologies
✓ Detailed knowledge of packet capture analysis and usage of associated tools
✓ Detailed knowledge of log management (Syslog, CEF, debug levels, parsing…)
✓ Knowledge of encryption algorithms, digital signature mechanisms and PKI
✓ Knowledge of scripting, character manipulation and regular expressions
Personal Skills / abilities
✓ Organized with a proven ability to prioritize workload, meet deadlines, and utilize time effectively
✓ Good interpersonal and communication skills, works effectively as a team player
✓ Common sense to make efficient and acceptable decisions
✓ Willingness to continue education and to stay up to date, passionate about IT and information security
✓ Ability to work under pressure
✓ Ability to look up information and to solve unknown problems
✓ Diplomacy when dealing with other parties
✓ Ability to function effectively in a matrix structure
✓ Cross cultural sensitivity, flexibility
✓ Fluent in English

Expected salary

Location

Paris

Job date

Fri, 03 Jan 2025 23:18:50 GMT

To help us track our recruitment effort, please indicate in your email/cover letter where (vacanciesineu.com) you saw this job posting.

Published by
yonnetim