ITS Cyber Security Expert / Healthcare Solutions – Position filled
More meaning at work by entering the world of Health.
As a world-class French group in the health environment, our mission is to protect, treat and cure patients. From prevention to treatment, we transform scientific innovation into healthcare solutions (drugs, vaccines, various products, etc.). Technological innovation is at the heart of our DNA to constantly offer major therapeutic advances. Our industrial sites (almost a hundred) have largely adopted the Factory 4.0 model. In this context, we have assembled a Cyber industrial security team spread over several centers around the world, all equipped with the latest technologies. In the ITS Cyber Security Dept, we are looking for a Cyber Security Expert.
In the ITS Cyber Security Dept, we are looking for an ITS Cyber Security Expert for our Security Operations Center (SOC). In this position, you will focus on User Behavior Analytics. The SOC is global and responsible for monitoring, detecting and responding to any possible cyber-attack. As an ITS Cyber Security Expert, you need to be an expert in cyber security and must have expertise in forensics across various operating systems and technologies.
- Develop new monitoring capabilities leveraging Cyber security features coming from O365 and Zscaler cloud services
- Improve our ability to detect and react to abnormal and dangerous user behavior.
- Define the roadmap, move forward step by step with concrete results and promote the value for the Cyber Security team.
- Contribute to the SOC activity extension to better protect the company.
- Define and run a new activity from scratch, defining your roadmap and reporting to the Risk Monitoring team and the SOC team.
- Envision proactive detection capability to build automatic response capability based on user and business context.
- Define and implement the relevant use cases, working with the business and the ISSO network.
- Manage the incident remediation end to end and steer the lessons learned.
- Promote the vision and the Cyber value added for the company.
- Build and develop the activity according to your roadmap, delivering step by step with visible results.
- Work across the ITS organization and business entities to enable the most valuable use cases.
- Integrate your activity in the existing Cyber ecosystem, leveraging the current Cyber components.
- Report on a regular basis about achievements and metrics.
- Communicate via multiple channels to make people more cautious, using experience feedback.
- Ensure that on-site support teams are trained and ready to answer in case of an end-user request or alert.
Build Operational Mechanism
- Based on your technical experience and Cyber expertise on some key components like O365, Zscaler, Active Directory, QRadar, Resilient, enable new alerting and response capabilities.
- Leverage as much as possible existing security features already purchased and identify the best combination.
- Use a pilot approach to secure massive deployment.
Formal Education and Experience Required
- University/Master’s Degree in Computer Science, preferably in Information Security.
- Real world SOC or forensics experience.
- Computer Programming skills, especially in Python.
- 10 years of professional experience in IS/IT, of which 5 years is in IS/IT Security.
- Security Certifications like CISSP or CEH.
Expertise and Competencies
- Significant expertise in common operating systems like Windows, macOS and Linux.
- Experience feedback on O365 and Zscaler cloud services would be preferred.
- Basic understanding of computer networks, firewalls, intrusion prevention technologies, and Antivirus technologies is necessary. Real world experience working with these technologies is expected.
- Expertise as a red team penetration tester or a blue team system defender would be preferred.
- Experience with Security Information Event Management (SIEM) systems and Event Detection and Response (EDR) technology.
- Basic scripting skills in Python, PowerShell and Visual Basic would be expected. More advanced programming skills are not required but would add strongly to the profile.
- Leadership and strong communication skills.
- Ability to translate complex technical stories into non-technical language is necessary.
- Mastery of English is required.
Why join us?
- A sector of activity carrying meaning and values: health.
- A position with high impact in the company.
- An essential issue in the current context.
- Cutting-edge technology choices as well as substantial means to implement them.
- Strong responsibility at the heart of our cybersecurity strategy.
- Strong attention paid to work-life balance.
- A productive and pleasant working environment.