CSIRT ANALYST - Incident Response Team - Mandatory: German C1 (min.)

aDvens
München, Germany
4 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English, German

Job location

München, Germany

Tech stack

Information Systems
Digital Forensics
Log Analysis
Network Forensics
React
Malware
Tactics, Techniques and Procedures (TTPs)

Job description

  • You identify the attackers' modus operandi and objective, and qualify the extent of compromises.
  • For that purpose, you analyze the technical artifacts collected (host forensics, network forensics, log analysis, and malware triage) to identify the attacker's Tactics, Techniques and Procedures (TTPs) and Indicators of Compromise (IOCs).
  • You recommend actions for containment and remediation of the incident.
  • In an investigation report, you provide remediation recommendations for cleaning up and hardening the systems under attack.
  • You monitor for new vulnerabilities, technologies and attack methods on IT components, and develop investigative tools.

Your potential projects

More concretely, here are some projects you could carry out:

  • To support a hospital targeted with ransomware, you will join the incident response of CERT Advens.
  • The management of an industrial company asks you to intervene in its crisis unit.
  • You carry out a digital forensics investigation to understand the origin of an attack and identify the attacker's TTPs.
  • Together with a CISO and the IT department, you rebuild a compromised information system.
  • Reactivity doesn't scare you: when a company calls, you're already on your way!
  • You know how to handle difficult situations, calm customers, manage pressure/stress and spread serenity around you.
  • Education is one of your strengths: you like to explain situations, procedures for blocking attacks, and what will be done to prevent them from happening again.
  • You keep watch every day, which helps you understand how to react.
  • Daily monitoring is essential for keeping abreast of the latest cybersecurity news.
  • You are passionate about security and are looking for projects with added value within a dynamic company.

Requirements

Do you have experience in React?

  • German (full professional proficiency, C1) and English (full professional proficiency)

Whatever your degree or background, we are above all looking for attitude, skills, values and motivation.

We are keen to integrate profiles from different backgrounds, and we are very proud of this because we are convinced that our team is enriched in this way and that diversity is an invaluable source of creativity and innovation. Therefore, this job profile exists in different seniority flavors.
