Position: SOC Analyst - Tier 2

Company: CGG

Place: Massy, France/Remote

Added: February 15, 2024
Company Description

CGG (www.cgg.com) is a global technology and HPC leader that provides data, products, services and solutions in Earth science, data science, sensing and monitoring. Our unique portfolio supports our clients in efficiently and responsibly solving complex digital, energy transition, natural resource, environmental, and infrastructure challenges for a more sustainable future. CGG employs around 3,400 people worldwide.

Our expertise, specialized HPC and digital technologies support advanced and secure cloud-based workflows, expert geoscience data transformation and AI, machine learning and data science services. Today, our HPC supports over 700 users with 500 petaflops of compute power.

Job Description

CGG is looking for a Security Operation Analyst specialized in Azure Security Information and Event Management (SIEM), Security Orchestration, Automation, and Response (SOAR) solutions. This critical role actively contributes to enhancing the overall security posture of the company by ensuring the secure maintenance of our cloud High-Performance Computing (HPC) infrastructure. The role involves participating in system enhancements and the lifecycle management of hardware and software products, collaborating with diverse stakeholders such as the service desk, system team, network team, and information security experts. This occurs within a dynamic, stimulating and multicultural work environment.

Reporting to the Security Operations Officer, your responsibilities will include assisting in the investigation of security threats and the identification of vulnerabilities. As part of a security operations team, your day-to-day work includes analyzing, triaging, and processing security threats based on their assessed risk and impact. You support audits, propose solutions, and manage action plans to ensure compliance with security standards according to risk analysis outcomes.

Main Duties Include

  • In charge of monitoring and maintaining the overall security health of the organization,
  • Responsible for monitoring, triage and escalation of security alarms,
  • Manage and close information security alerts raised by any of our security tools or communicated in person or via email,
  • Coordinate and follow up remediation plan implementation with key indicators identified during campaigns such as pen-testing, incidents, zero-days and others,
  • Follow-up of security incidents, problems, and vulnerabilities,
  • Analyze risks and report to IT operations,
  • Work proactively with our MSSP (managed security service provider) to ensure that they have sufficient visibility into our systems to provide an effective service and, where enhancements are necessary, coordinate the implementation with the internal IT teams,
  • Raise alarms to the operations management team when an incident impacting IT security is detected,
  • Conduct forensic log analysis when required,
  • Proactively monitor vendor CVEs and assess the impact of the vulnerabilities on the company,
  • Participate in the evolution of processes, detection and alerting tools,
  • Write and maintain detailed documentation of system configurations, procedures and runbooks to facilitate knowledge sharing and team collaboration.

Qualifications

Mandatory:

  • Experience of security operation with Microsoft Security technologies (Defender, Sentinel, EDR)
  • 5+ years of professional experience in a SOC team
  • Experience with an MSSP (Managed Security Service Provider)
  • Experience with Elastic ELK (Elasticsearch, Logstash, and Kibana)
  • Microsoft Azure Fundamentals certification
  • Microsoft Security Operations Analyst certification
  • Good communication skills internally with cross-functional teams
  • Fluency in English is mandatory with our international environment

Familiar With The Following

  • Azure Cloud Services
  • Windows, Linux and macOS operating systems
  • Network (VLAN, VXLAN, IP, Ethernet, …)
  • Firewall (DMZ, ACL, NAT, IDS/IPS, …)
  • Zscaler ZIA
  • MITRE ATT&CK framework
  • NIST Cybersecurity framework
  • CVE - Common Vulnerabilities and Exposures
  • CVSS - Common Vulnerability Scoring System

Additional Information

  • Hybrid work: up to 2 days per week working from home,
  • Attractive salary and bonus scheme,
  • PEE/PERCO pension savings plan,
  • Access to company restaurant with subsidized price,
  • Access to benefits from Company works council,
  • Confidential employee assistance program to support our staff, covering mental health, counselling, wellbeing, and legal & financial issues.

Please apply with a résumé in English.

We see things differently. Diversity fuels our innovation, we value the unique ways in which we differ, and we are committed to equal employment opportunities for all professionals.