Security Operations Analyst
Albéa’s IT function supports Albéa’s business product lines by delivering functional and technical IT services for around 120 people (Group level and Local level worldwide) and through 3rd parties also. Albéa’s Information Security function:
- Aims at making sure Albéa’s Information Security related risks are identified and under control
- Sites at Group IT level and is headed by the Albéa’s Group CISO who reports to Albéa’s Group CIO
- Covers both Group functions and local sites (~ 35 plants worldwide). The SecOps Analyst directly reports to Albéa’s CISO. The position is on a full-time basis, located 2 days/week in La Defense near Paris (France) and 3 days/week in “work from home”.
About Albea & the Product line that is recruiting
Scope
It is key to understand that the Security Analyst:
- Deals with a large variety of topics and solutions and works in close collaboration with a large number and variety of IT people (at Group and local IS levels, internal or external, including 3rd parties).
- Is able to get sufficient knowledge and understanding on various topics to constructively interact with the various people he/she deals with.
- Gets things done by coordinating different stakeholders to address security non-compliances or security incidents.
Main activities
At operational level, the Security Analyst deals with the following topics :
1.Daily requests :
- Analyze phishing notifications and take relevant actions.
- Analyze and validate security related requests (e.g. whitelisting requests, account creation on security tools).
2.Security alerts & incidents :
- Analyze alerts received from the various managed services of Security solutions in place at Albéa (CrowdStrike, SOC, CybelAngel…).
- Escalate critical incidents to the Albéa SecOps Officer.
- When required ensure the Security Incident Process is triggered and delivered.
3.Configure endpoint firewall policies, Internal Vulnerability Scanners and Security Information and Event Management (SIEM) tools.
4.Contribution in monitoring & identification of IT security gaps (non-compliances) :
- Produce KPIs related to IT Security.
- Analyze KPIs to identify possible IT security gaps.
- Prioritize security gaps (risk score based) & allocate them to the relevant owners.
5.“Security Watch”: monitor various information security related channels to identify new trends or threats which might be relevant to Albéa.
Profile (Qualification & Experience) :
Technical Skills :
Good understanding of Information Security principles, technologies and tools including :
- Antivirus & EDR.
- Vulnerability management o Email filtering, in particular O365 and Proofpoint o Windows Firewall o Internet proxy / URL filtering o SIEM / SOC Interpersonnal Skills.
Team work (with Albéa Security Team and local IS teams, with internal teams and 3rd parties / partners):
- Build and maintain trust-based long-term relationship.
- Understand and take into account constraints of other stakeholders.
- Work as a team to deliver shared objectives.
- Share information and knowledge.
Communication :
- Communicate in a clear and concise manner.
- Fluent in English (spoken and written).
Curious: have a strong ability to learn and share new ideas.
Adaptability: understand and adapt to multi-cultural organizations and diversity.
Experience :
- Minimum 3 years in IT Security.
- Minimum academic background : Bac +3 in Computer Science.
- Familiar with CTF and cybersecurity learning platform (TryHackme, HacktheBox…).
- Having already worked as part of SOC and having dealt with security incidents would be a plus.