As part of the Kudelski Security's Managed Detection and Response (MDR) department, the Security Engineer is responsible for delivering to our clients customized MDR services experience which complements its standard service offering. He will be the privileged liaison between the client and the Cyber Fusion Center for all security operations matter. He will be interacting intensively within the Cyber Fusion Center and with the client staff.
If you:
Are passionate about cybersecurity and are constantly developing your knowledge
Are customer oriented and highly motivated by providing excellent client satisfaction
Are at ease in a fast-paced environment and able to get out of your comfort zone
Are a self-driven technology professional familiar with Security Operations
This position could be for you.
Responsibilities
Threat Monitoring
Be the main point of contact of the Cyber Fusion Center at the client's side
Support standard Cyber Fusion Center activities such as threat Monitoring, security service management, endpoint detection and Response, vulnerability scanning services)
Investigate/Remediate incident escalated by the Cyber Fusion Center or Client's internal units
Write specific incident response playbooks for the Client
Define, test, deploy or perform specific use cases and correlation rule, threat hunting activities and threat intelligence activities for the client
Support large scale incident response activities
Service improvement
Perform rules tuning of client SIEM in operation
Support rules factory programs in improving the global set of detection
Qualify, analyze, and provide recommendations for new standard data source requests
Support Product teams to build best new services to fit with Operations capabilities
Contribute to client's security projects
Implement new tools or scripts to increase security operations' efficiency
General Responsibilities
Take responsibility for customer satisfaction and overall success of managed services.
Recommend improvements for Standard Operating Procedures
Propose enhancement of tools and workflow
Document actions in tickets to effectively communicate information internally and to customers.
Adhere to policies, procedures, and security best practices.
This role involves:
Being able to integrate and build trust with the client's team and to work in the client's environment.
Being at ease working with different teams both in Kudelski Security and in the client's environment
Your aim is to play an active role in helping Kudelski Security to provide clients with the best experience through their journey into our Managed Detection and Response Service and help them reduce their security visibility gaps and improve their security posture.
You are:
Team player who is willing to work closely with our internal stakeholders to help them optimize their deliveries
Transparent, and able to share/take constructive feedback to help us aim at the greater good
At ease with solving complex problems by seeking end-to-end and scalable solutions
Dynamic, with strong interpersonal and communication skills
Able to handle and prioritize parallel tasks with multiple interfaces
Autonomous, self-taught, and willing to continuously develop new skills and knowledge
Able to handle and prioritize parallel tasks with multiple interfaces
Fluent in English
You have:
Minimum 3 years' experience in information security, particularly in cyber operations
Excellent client-facing service skills
Knowledge of incident response processes (detection, triage, incident analysis, remediation and reporting)
Experience with the following technologies: SOAR/SOAR, EDR/NGAV, Vulnerability Scanning, Managed Attacker Deception
Experience reviewing and analyzing log data, network packets capture.
Strong knowledge of Windows/Linux OS, network protocols, scripting languages
Good knowledge of cloud computing infrastructures and platforms
An excellent knowledge of the security landscape and different security visibility solutions (SIEM based visibility vs EDR)
Professional proficiency in French and English
These would be a plus:
Technical certifications on vendors' products, in particular Splunk
Any other languages are an asset