- Company Name
- Ministère des Affaires étrangères français
- Job Title
- ANALYSTE CYBERSÉCURITÉ - EXPERT OU EXPERTE SIEM (F/H)
- Job Description
-
**Job Title:** Cybersecurity Analyst – SIEM Expert (F/M)
**Role Summary**
Provide operational security analysis for the Foreign Affairs CERT. Qualify, investigate, and respond to alerts from SIEM and monitoring tools, refine detection rules, and support incident containment and remediation across departmental systems.
**Expectations**
- Work under the sector head, collaborating with security operations and digital transformation teams.
- Deliver accurate incident assessments, documentation, and reporting.
- Maintain up‑to‑date knowledge of attack techniques, detection methods, and industry best practices.
**Key Responsibilities**
1. Qualify security events and alerts generated by detection and monitoring tools.
2. Refine detection rules and data sources to improve alert quality.
3. Evaluate alert criticality based on business context and asset sensitivity.
4. Perform technical investigations, including packet capture analysis and log forensics.
5. Search for and correlate Indicators of Compromise (IoCs).
6. Ensure proper incident ticket flow, resolution tracking, and reporting.
7. Document incidents, investigations, and actions taken.
8. Contribute to incident containment, eradication, and remediation efforts.
9. Optimize security tools and operational procedures.
10. Update and maintain knowledge base and documentation.
11. Conduct technical workshops and knowledge‑share sessions.
**Required Skills**
- Proficiency with SIEM platforms (e.g., Splunk, QRadar, LogRhythm).
- Incident triage, threat hunting, and intrusion analysis.
- IoC detection, log correlation, and evidence collection.
- Familiarity with ATT&CK framework and common attack techniques.
- Experience in containment, eradication, and recovery processes.
- Strong technical writing and reporting abilities.
- Ability to collaborate with cross‑functional security teams.
- Knowledge of endpoint protection, sandboxing, and malware analysis.
**Required Education & Certifications**
- Bachelor’s (Bac+3) or Master’s (Bac+5) degree in Cybersecurity, Information Security, Computer Science, or related field.
- RNCP Level 6‑7 qualification preferred.
- Relevant certifications such as CISSP, CISM, CEH, GCIH, or equivalent are highly desirable.