CSIRT Analyst (M/F)

Job Locations FR-92-Courbevoie
Job Post Information: Posted Date 3 weeks ago (30/05/2024 11:50)
Digital and IT-Cybersecurity

Job Description

Are you looking for a new place to develop your skills, exercise your entrepreneurial spirit and promote the technical expertise of our teams?
To participate in the future of one of the world leaders in digital, industrial and environmental transition for industries, companies and communities,

JOIN Equans

Equans is the new autonomous entity of Bouygues and currently has almost 90,000 employees working in 20 countries within companies with strong local brands such as Bouygues Energy & Services, INEO, AXIMA, FABRICOM and SPL Powerlines. Equans currently has a turnover of €17 billion and is a pure player with 6 areas of expertise: HVAC, Cooling, Facility Management, Digital & ICT, Electrical, and Mechanical & Robotics. Equans offers solutions and services that meet the energy, industrial and digital needs of industries, cities and buildings to improve their performance. Equans also has cutting-edge expertise in specific industrial sectors (public transport, marine, retail, biotech, etc.) and a detailed knowledge of critical industrial processes.


By developing advanced technical and technological skills that are increasingly innovative and effective for its clients, Equans aspires to be the world leader in a highly competitive environment. As part of its new organization and the global challenges facing Equans in the field of cybersecurity, the IT Department of Equans is looking for:


CSIRT Analyst (M/F)
Position based at La Défense (92)

Within the CSIRT of Equans, you ensure the initial detection, preliminary assessment and response to IT security incidents. By examining the technical data collected, you identify the attackers' modus operandi, determine their objectives and evaluate the extent of the attacks, in particular in order to search the environment for elements that could indicate a potential compromise. Through an investigation report, you offer recommendations to resolve problems and strengthen the security of affected systems. You suggest actions to take to thwart and resolve the incident, including cleaning and strengthening the security of affected systems. You carry out constant monitoring of new vulnerabilities, emerging technologies and attack methods linked to system components, by developing appropriate investigation tool



Your main tasks and activities will be to:

  • Monitor tactics, techniques and procedures (TTP) used by cyber threat actors and their trends;
  • Carry out structured threat hunting in order to identify weak signals within our environment;
  • Enrich and integrate TTPs and indicators of compromise into monitoring tools;
  • Produce actionable reports based on threat intelligence data;
  • Perform real-time incident response in order to participate in the whole lifecycle of the incident (identification and monitoring of the attack path, collection of artifacts for forensic analysis, threat analysis and remediation actions);
  • Propose new rules and means to be implemented to improve our overall detection;
  • Participate in intrusion tests and red team missions;
  • Be a major actor in the development of the threat intelligence platform;
  • Introduce information related to cybersecurity to improve awareness and implementation of security practices;
  • Develop and maintain relationships with experts or organizations that can help or participate in the CSIRT’s mission;
  • Continuously improve the service provided and report to the CSIRT manager;
  • Support the CSIRT manager in the preparation of committees.

In conjunction with Equans internal teams and partner teams:

  • Inform management of suspected incidents and explain the history by providing punctual feedback with the status and potential impact of the event;
  • Provide advice on disaster recovery, emergency and business continuity plans, at the tactical, operational and strategic levels;
  • Recommend measures to circumvent and remediate the incident.

Your profile:

  • You have a technical background demonstrating the ability to perform the assigned tasks;
  • You are autonomous, technically versatile and have the ability to tackle new and stimulating technical subjects;
  • You master monitoring and intrusion detection tools, as well as incident management systems;
  • You have an excellent methodological approach to managing incident responses;
  • You are competent in static malware analysis;
  • You demonstrate interest and skills in developing task automation;
  • Curious, rigorous, you have a taste for challenge;
  • You are comfortable in a decentralized and multicultural organization with varying levels of maturity in terms of cybersecurity;
  • Good communicator, you have interpersonal skills and you adapt easily to various people;
  • You have a sense of ethics, and know how to exercise discretion;
  • You are fluent in English and willing to work in an international context;
  • One or more certifications related to incident response (SANS, OSCP, etc.) and possibly cyber threat intelligence are desirable.

