- Company Name
- IDNA
- Job Title
- Expert Cybersécurité Opérationnelle H/F
- Job Description
-
**Job Title**
Operational Cybersecurity Expert (M/F)
**Role Summary**
Responsible for the end‑to‑end operational security of the organization’s information systems. Activities include threat analysis, incident response, security documentation, risk control, project leadership, and user awareness. Works closely with risk management, compliance, and business stakeholders to maintain regulatory compliance, particularly in banking environments.
**Expectations**
- Achieve timely identification and resolution of security incidents and vulnerabilities.
- Maintain up‑to‑date security documentation and governance artefacts.
- Lead security projects (e.g., encryption, EDR) and deliver them on schedule and within scope.
- Provide expert advice on risk assessment and architecture design.
**Key Responsibilities**
- Analyze suspicious emails, SIEM alerts, vulnerability alerts, and indicators of compromise (IOCs).
- Apply and refine SIEM rule sets; facilitate incident acceptance and documentation.
- Handle exemption requests and flow‑open requests; establish and maintain encryption vendor tools.
- Perform operational security controls, risk mapping, audit follow‑ups, and incident declaration.
- Draft, update, and publish security circulars, procedures, and operating modes.
- Keep GPOs and hardening policies current; manage Windows/Linux hardening configurations.
- Support business units in risk analysis, requirement definition, architecture reviews, and security reviews.
- Conduct awareness campaigns via intranet articles, training materials, and phishing simulations.
- Project manage security initiatives: requirement definition, tender support, project monitoring, and acceptance testing.
- Prepare governance and reporting artefacts (meeting minutes, status notes, audit evidence).
**Required Skills**
- **Technical**: Advanced knowledge of Active Directory, Windows, Linux, networking protocols, CVSSv3, sandboxing, threat hunting (VT, Quarantine), SIEM tuning, RegEx, and eBiosRM.
- **Enterprise Tools**: Experience with Lansweeper and other asset discovery tools.
- **Risk & Compliance**: In‑depth understanding of ISO 27001, ISO 27005, and ANSSI security guidelines; ability to implement risk matrices and remedial plans.
- **Project Management**: Proven ability to lead security projects, prepare RFPs, and manage project lifecycle.
- **Communication**: Strong written and verbal skills; ability to translate technical concepts for non‑technical stakeholders.
- **Analytical**: Strong problem‑solving and incident response skills; capacity to identify root causes and recommend improvements.
**Required Education & Certifications**
- Bachelor’s (BSc) or Master’s (MSc) in Engineering, Computer Science, Information Systems, or related field (equivalent to Bac+4/5).
- Certifications: ISO 27001 Lead Auditor/Lead Implementer, ISO 27005 Practitioner, or equivalent (e.g., CISA, CISSP).
---