Security Analyst / Incident Responder L2/L3

Assystem Stup is a full-service project delivery consultancy company offering master planning, comprehensive building design, engineering and project management services. We serve many clients in decarbonised energy, transportation, cities & territories, buildings and commercial, institutional, recreational and manufacturing facility infrastructures.

As part of Assystem Group, we combine strong expertise in engineering, project management and digitalisation to serve our clients worldwide.

• Leading efforts to counter security breaches and anticipating and reducing the likelihood of future security alerts, incidents, and disasters.
• Defining, planning, implementing, maintaining, and upgrading security measures, policies, and controls.
• Writing reports and providing insights on the efficacy of the current security policies, incident responses, disaster recovery plans, and other security-related information.
• Assisting with the creation of updates and training programs to secure the network and train the employees.
• Keeping the security systems up to date.
• Monitoring security access and maintaining the relevant data.
• Conducting vulnerability testing and risk analyses to assess security and performing internal and external security audits.
• Analyzing security breaches to identify the cause and to update incidence responses and disaster recovery plans.
• Verifying and coordinating security plans with outside vendors.
• Creating procedures for IT employees and training them in security awareness.

• A Bachelor's degree in computer science, programming, or related field.
• 5-10 years' experience in the field, such as security administration.
• Advanced training certifications may be advantageous.
  • Security+
  • CySA+
  • Certified Ethical Hacker (CEH)
  • Certified in Risk and Information Systems Control (CRISC)
  • Certified Information Systems Auditor (CISA)
  • Certified Information Systems Security Professional (CISSP)
• The ability to work in a high-stress environment.
• Excellent verbal and written communication skills, interpersonal, and teaching skills.
• Good anticipation, analytical, and problem-solving skills.
• The ability to remain current on the latest technology and best practices in information security.

• Threat Hunting
• Malware Analysis
• Threat Intelligence 
• Ethical hacking 
  • Penetration testing 
• Intrusion prevention 
• Incident response 
• Computer forensics 
• Reverse engineering
• In addition, it is expected to have expertise in cyber security, firewalls, network security, information assurance, Linux, UNIX, security information and event management (SIEM), application security, security engineering, and security architecture. They must also keep up with the latest trends in cyber security.
• Knowledge of at least one of the following languages: C, C++, Python, Shell, etc. would be preferred.

We are committed to equal treatment of candidates and promote, as well as foster all forms of diversity within our company. We believe that bringing together people with different backgrounds and perspectives is essential for creating innovative and impactful solutions. Skills, talent, and our people’s ability to dare are the only things that matter !. Bring your unique contributions and help us shape the future.