CSIRT analyst

Sopra Steria

Location:
Singapore, Singapore

Contract Type:
Not provided

Salary:

Not provided

Job Description:

We are hiring a CSIRT / Cybersecurity Incident Response Analyst to assist one of our clients in the automotive industry. This role will act as the key liaison between local business and technical teams and the global cybersecurity operations team, supporting incident response, escalation management, and cybersecurity operations coordination for critical environments. This role ensures strong proximity, rapid response capability, and expert-level support during complex or critical cybersecurity incidents. The candidate enhances mutual understanding between business, functional, and technical stakeholders, while ensuring efficient escalation handling, mitigation tracking, and incident coordination.

Job Responsibility:

  • Serve as the local cybersecurity management contact
  • Maintain close proximity to on-site teams to understand operational needs, critical assets, operational priorities and constraints
  • Act as a trusted relay between stakeholders and central CDOC/SOC teams
  • Facilitate and coordinate incident escalations to appropriate teams
  • Act as an escalation point for complex cases requiring expert arbitration or cross-team coordination
  • Ensure follow-up of mitigations, remediation plans, and corrective actions
  • Intervene in complex or critical cybersecurity incidents that fall outside standard response procedures and require advanced incident response expertise
  • Support and, when required, lead complex operational response actions, from containment to threat eradication
  • Oversee and validate technical remediation and system restoration, ensuring secure and controlled recovery of the information system
  • Guarantee alignment between technical risks, business impacts, and client priorities throughout incident handling
  • Provide expert support to crisis management and assume a coordination role, under CSIRT guidance, during critical incidents, including major attacks or high-impact security events
  • Translate functional and business requirements into clear technical requirements for cybersecurity teams
  • Contribute to the definition and alignment of global cybersecurity solutions, ensuring local constraints and feedback are considered
  • Support continuous improvement of detection, response, and operational processes
  • Ensure effective two-way communication: from sites to Detection & Response teams (context, impact, priorities) and from central teams to local stakeholders (status, actions, recommendations)
  • Promote knowledge sharing and operational best practices
  • Actively contribute to improving daily operations, responsiveness, and service quality
  • Leverage experience and expertise to deliver daily added value to operational teams

Requirements:

  • Strong knowledge of cybersecurity operations, SOC/CDOC environments, and incident response processes
  • Proven ability to coordinate across technical and non-technical stakeholders
  • Experience in incident management, escalation handling, and mitigation tracking
  • Ability to translate business needs into technical cybersecurity requirements
  • Strong communication, facilitation, and coordination skills
  • Autonomous, proactive, and solution-oriented mindset
  • Experience with or knowledge of Sentinel and Logic Apps

What we offer:

  • Hybrid working mode and Work-from-Abroad benefits
  • 18 days of Annual leave
  • Comprehensive coverage including General Practitioner, hospitalization, dental, and optical
  • Annual bonus based on individual performance
  • Training programs, certification opportunities, and training incentives to support career growth
  • Regular team-building activities and social events

Additional Information:

Job Posted:
May 15, 2026

Employment Type:
Fulltime
Work Type:
Hybrid work
Similar Jobs for CSIRT analyst

Cybersecurity Expert (SOC & Cloud)

The Security team is excited to welcome a motivated Cybersecurity Expert to help...
Leadtech Group
Location:
Spain, Barcelona
Salary:
Not provided
Expiration Date:
Until further notice
Requirements:
  • Bachelor/ Master's degree in Cybersecurity, Information Security, Computer Science, or a similar discipline
  • Knowledge of Security frameworks such as ISO 27001, NIST, PCI-DSS, OWASP, GDPR
  • Knowledge of technical concepts such as cloud computing, code review, application security, cryptography, forensics, vulnerability detection (Azure & AWS are a must)
  • Deep Knowledge of cybersecurity/technical concepts such as: GNU/Linux systems
  • Microsoft Sentinel and Defender, as well as experience with writing KQL queries
  • Microsoft Azure (Network Security Groups, Recovery Services Vaults, Playbooks and Workbooks)
  • TCP/IP, DNS, and firewalls
  • Python, Bash, and SQL, Java, PHP
  • Familiarity with attack and exploitation techniques involving operating systems, applications, and devices (CISSP, CompTIA, CEH)
  • Understanding of security best practices for data and systems protection
Job Responsibility:
  • Operate & optimize (and potentially Lead) a Security Operations Center (SOC)
  • Advanced Incident Investigation and Analysis
  • Handling Complex Threats: Investigating high-priority alerts escalated from Tier 1/2, such as potential APTs (Advanced Persistent Threats) or ransomware
  • Deep-Dive Analysis: Performing forensics on compromised systems, analyzing malware, and reconstructing attack chains using packet captures and log data
  • Cross-Source Correlation: Stitching together fragmented data from SIEM, EDR (Endpoint Detection and Response), and NDR (Network Detection and Response) tools to build a comprehensive picture of the attack
  • Proactive Threat Hunting and Detection Engineering
  • Threat Hunting: Proactively searching network and endpoint data for undetected, hidden threats rather than waiting for alerts
  • Rule Creation & Tuning: Developing custom detection logic and SIEM correlation rules to identify new malicious behavior
  • Reducing False Positives: Refining alert systems to minimize noise, ensuring the team focuses on genuine security incidents
  • Incident Response and Containment
What we offer:
  • Flexible career path with personalized internal training and an annual budget for external learning opportunities
  • Flexible schedule with flextime (7 - 9:30 a.m. start, 3:30 - 6 p.m. end)
  • Free Friday afternoons with a 7-hour workday
  • 35-hour workweek in July and August
  • Competitive salary
  • Full-time permanent contract
  • Top-tier private health insurance (including dental and psychological services)
  • 25 days of vacation plus your birthday off, with flexible vacation options—no blackout days
  • Office in Barcelona complete with free coffee, fresh fruit, snacks, a game room, and a rooftop terrace with stunning Mediterranean views
  • Ticket restaurant and nursery vouchers, paid directly from your gross salary
Employment Type:
Fulltime

Senior Cyber Incident Management, Operations & Response Specialist - VOIS

We are seeking a Senior Cyber Incident Management, Operations and Response Speci...
Vodafone
Location:
India, Bangalore
Salary:
Not provided
Expiration Date:
Until further notice
Requirements:
  • 7+ years of experience in a Security Operations Centre, operating at senior analyst level
  • Strong expertise in SIEM platforms (such as ArcSight, Splunk, QRadar or LogRhythm)
  • Proven experience in security incident investigation, response and management
  • Understanding of malware behaviour, advanced persistent threats and complex attack techniques
  • Skilled in SIEM correlation logic, rule tuning and detection optimisation
  • Ability to create structured workflows, playbooks and triage processes
  • Confident mentoring, coaching and motivating analysts within the team
  • Strong written and verbal communication skills, including the ability to present technical findings to senior stakeholders
  • Degree in Computer Science, Information Technology, Engineering or a related field
  • Prior experience in cloud technologies and the information security domain
Job Responsibility:
  • Investigate, analyse and accurately triage security alerts and incidents across CSOC platforms
  • Perform deep-dive incident analysis, identify root causes and assess business risk
  • Lead daily stand-ups and act as an escalation point for functional and technical queries from Cyber Defence Analysts
  • Produce clear, high-quality technical and operational reports for stakeholders
  • Maintain and continuously enhance alert triage quality and operational deliverables
  • Develop, document and maintain playbooks, runbooks, SOPs, KEDB articles and knowledge base content
  • Proactively fine-tune detection rules and identify opportunities for alert reduction and effort optimisation
  • Monitor and protect digital systems against unauthorised access, modification or data loss
  • Analyse security breaches and recommend appropriate tools, controls and countermeasures
  • Collaborate closely with Local Market CSIRT teams to manage ongoing cases and reduce backlog
What we offer:
  • Opportunity to work at the forefront of cyber defence within a global telecommunications organisation
  • Exposure to complex threat landscapes and enterprise-scale security environments
  • A role that combines technical depth with leadership, mentoring and operational ownership
  • The ability to influence detection strategy, incident response quality and process maturity
Employment Type:
Fulltime

Senior Cyber Security Analyst

In the Bosch Cyber Security Organization, we coordinate the vulnerability manage...
Robert Bosch Sp. z o.o.
Location:
Poland, Warszawa
Salary:
Not provided
Expiration Date:
Until further notice
Requirements:
  • Completed university degree (Master/Diploma/PhD) in Information Security, Computer Science, Software Development, Electrical Engineering, Mathematics, or comparable field
  • Team player familiar with cooperation and delegation
  • Versatile and communicative individual who enjoys preparing and sharing information tailored to target audience
  • Strong technical background in security and several years of professional experience in multiple fields: IT Security, Cloud Security, Embedded Security, Industrial Control Systems (ICS), Industrial IoT (IIoT), Consumer IoT, Software Security and Security Research, Vulnerability Management process design and execution
  • Ideally basic knowledge in operational management of CSIRT, CERT, or Product-CERT
  • Love challenges while defining and implementing processes in new, effective, and user-oriented manner
  • Very good English written and spoken
  • German would be an important asset
Job Responsibility:
  • Investigate and assess vulnerabilities within operational environment
  • Provide basis for prioritizing vulnerability remediation follow-up
  • Work closely with development and operations teams in Poland and tracking teams in India
  • Support further development of Enterprise Security Advisory Services
  • Track risks through vulnerabilities
  • Continuously identify process improvements for enhanced tool support
  • Coordinate implementation of improvements with international teams
  • Actively work as team to network with external stakeholders
What we offer:
  • Competitive salary + annual bonus
  • Hybrid work with flexible working hours
  • Referral Bonus Program
  • Copyright costs for IT employees
  • Professional support and knowledge sharing
  • Ongoing development opportunities in multinational environment
  • Broad access to professional trainings including language courses, conferences and webinars
  • Private medical care and life insurance
  • Cafeteria System with multiple benefits including MultiSport, shopping vouchers, cinema tickets
  • Prepaid Lunch Card
Employment Type:
Fulltime

Senior Cyber Security Analyst

In the Bosch Cyber Security Organization, we coordinate the vulnerability manage...
Robert Bosch Sp. z o.o.
Location:
Poland, Warszawa
Salary:
Not provided
Expiration Date:
Until further notice
Requirements:
  • Completed university degree (Master/Diploma/PhD) in Information Security, Computer Science, Software Development, Electrical Engineering, Mathematics, or a comparable field of study
  • Team player who is familiar with both cooperation and delegation
  • Versatile and communicative individual who enjoys preparing and sharing information tailored to the target audience
  • Strong technical background in security and several years of professional experience in multiple of the following fields: IT Security, Cloud Security, Embedded Security, Industrial Control Systems (ICS), Industrial IoT (IIoT), Consumer IoT, Software Security and Security Research, Vulnerability Management process design and execution
  • Ideally basic knowledge in the operational management of a CSIRT, CERT, or Product-CERT
  • Love challenges, while defining and implementing processes in a new, effective, and user-oriented manner
  • Very good English, written and spoken
  • German would be an important asset
Job Responsibility:
  • Investigate and assess vulnerabilities within their operational environment, providing the basis for prioritizing the follow-up of vulnerability remediation
  • Work closely with development and operations teams in Poland, as well as tracking teams in India, supporting the further development of our Enterprise Security Advisory Services and the tracking of risks through vulnerabilities
  • Continuously identify process improvements for enhanced tool support and coordinate their implementation with the respective international teams
  • Actively work as a team to network with external stakeholders
What we offer:
  • Competitive salary + annual bonus
  • Hybrid work with flexible working hours
  • Referral Bonus Program
  • Copyright costs for IT employees
  • Private medical care and life insurance
  • Cafeteria System with multiple benefits (incl. MultiSport, shopping vouchers, cinema tickets, etc.)
  • Prepaid Lunch Card
  • Number of benefits for families (for instance summer camps for kids)
  • Non-working day on the 31st of December
Employment Type:
Fulltime

Cyber Security Analyst - Level 3

We are seeking a skilled Cyber Security Analyst (Level 3) to strengthen our Cybe...
Vodafone
Location:
India, Pune
Salary:
Not provided
Expiration Date:
Until further notice
Requirements:
  • Bring 10+ years of experience in SOC operations, SIEM technologies, event analysis, and incident investigation
  • Have strong hands-on expertise with SIEM platforms such as ArcSight, Splunk, QRadar, LogRhythm, or similar technologies
  • Demonstrate solid understanding of network and security concepts, correlation logic, and detection mechanisms
  • Possess analytical thinking and clear written and verbal communication skills
  • Experienced in cloud technologies and global customer environments
  • Hold an academic background in Computer Science, Information Technology, Engineering, or a related discipline
  • Preferably hold security certifications such as CISM, CISSP, or SANS credentials
  • Known for integrity, self-motivation, collaborative working, and cultural sensitivity
  • Able to guide and coach new team members effectively
Job Responsibility:
  • Lead end-to-end analysis, triage, and investigation of security alerts and incidents
  • Serve as the primary subject matter expert for escalated technical queries within the CSOC
  • Drive automation initiatives and continuous process stabilisation efforts
  • Collaborate closely with onshore teams to refine alert logic, reduce false positives, and optimise detection mechanisms
  • Create and maintain Standard Operating Procedures (SOPs), Knowledge Error Databases (KEDBs), playbooks, and knowledge base articles
  • Mentor and guide new joiners to build team capability and confidence
  • Produce management reports covering alert trends, investigation insights, and process performance
  • Participate and contribute to daily stand-up discussions and incident review sessions
  • Conduct knowledge‑sharing sessions to drive continuous learning within the team
  • Engage with local market CSIRT teams to support ongoing cases and ensure positive customer experience
What we offer:
  • Opportunity to work as a senior specialist influencing cyber defence capabilities across global markets
  • Exposure to advanced SIEM technologies, cloud environments, and global threat landscapes
  • Ability to lead improvement initiatives and shape operational efficiencies
  • Continuous learning through brown-bag sessions, cross‑team collaboration, and advanced certification pathways
  • Leadership opportunities through mentoring and guiding team members

Threat Simulation Analyst

We're looking for a Threat Simulation Analyst to join our Group CISO team. You'l...
LegalAndGeneral
Location:
United Kingdom, London
Salary:
Not provided
Expiration Date:
Until further notice
Requirements:
  • Strong understanding of Strategic, Operational and Tactical threat intelligence
  • A current understanding of cyber security incidents and how they could be practised within exercises to test the resilience of L&G
  • Experience in the creation and implementation of short-term and long-term plans for developing a programme of exercises
  • Threat intelligence and/or Information Technology industry certification (CREST, SANS or equivalent) would be great
  • Prior experience of delivering tabletop exercises or crisis simulations would be a huge plus!
Job Responsibility:
  • Developing threat simulation exercises and scheduling quarterly (at least) exercises with all Group Business Units
  • Reviewing threat intelligence, data and trends and creating CSIRT exercises that support the development of mitigations
  • Developing and creating metrics by which progress of the threat simulation exercises can be demonstrated
  • Leading regular reviews with internal stakeholders to obtain and ensure that current and possible threats are exercised to best practice
  • Conducting threat intelligence research utilising open source, paid, community and national feeds to monitor and assess current and emerging threats that could pose a risk to L&G
  • Coordinating with other security and operational teams to ensure any threat assessments and actions are progressed as required
  • Producing written or verbal threat intelligence artifacts as required, identifying trends within physical security, cyber security or geo-politics
  • Defining, developing and delivering processes and systems to ensure a consistent and good level of service that means divisions can comply with all regulatory and security requirements
What we offer:
  • The opportunity to participate in our annual, performance-related bonus plan and valuable share schemes
  • Generous pension contribution
  • Life assurance
  • Healthcare Plan (permanent employees only)
  • At least 25 days holiday, plus public holidays, 26 days after 2 years’ service. There’s also the option to buy and sell holiday
  • Competitive family leave
  • Participate in our electric car scheme, which offers employees the option to hire a brand-new electric car through tax efficient salary sacrifice (permanent employees only)
  • There are the many discounts we offer – both for our own products and at a range of high street stores and online
  • In 2023, some of our workspaces were redesigned. Our offices are great spaces to connect and collaborate and have your wellbeing at the heart
Employment Type:
Fulltime

Cyber Defence Analyst

We are seeking a skilled and proactive Cyber Defence Analyst to join our Securit...
Vodafone
Location:
India, Bangalore
Salary:
Not provided
Expiration Date:
Until further notice
Requirements:
  • Minimum 3 years of experience in Cyber Security, SOC operations, SIEM, and incident management
  • Strong understanding of network and security concepts and SIEM technologies (e.g., ArcSight, Splunk, QRadar, LogRhythm)
  • Holds industry-recognised certifications such as CEH, CCNA Cyber Ops, Security+
  • Excellent analytical and communication skills
  • Degree in Computer Science, Information Technology, Engineering, or a related field
  • Experience in global customer handling and event analysis
  • Demonstrates integrity, self-motivation, and cultural sensitivity
Job Responsibility:
  • Investigate, analyse, and triage security alerts using CSOC tools
  • Document event and case analysis in the incident management system and manage cases through closure
  • Perform historical analysis of detected events and support incident managers
  • Participate in daily stand-up calls and contribute to knowledge base development
  • Collaborate with local market CSIRT teams and ensure effective communication across global teams
  • Proactively reduce alert volumes through fine-tuning and process stabilisation
  • Communicate emerging threats and malware behaviours clearly to stakeholders
  • Ensure mitigation measures are in place to reduce spam and phishing alerts
  • Maintain composure under pressure and respond effectively during emergencies
What we offer:
  • Opportunity to work in a global 24/7 cyber defence environment
  • Exposure to advanced security tools and technologies
  • Collaboration with international teams and senior security experts
  • Contribution to Vodafone’s mission to protect digital assets and infrastructure
  • A dynamic and inclusive workplace that values continuous learning and innovation

L1 Cyber Defence Analyst

We are seeking a skilled and proactive Cyber Defence Analyst to join our Securit...
Vodafone
Location:
India, Pune
Salary:
Not provided
Expiration Date:
Until further notice
Requirements:
  • Minimum 3 years of experience in Cyber Security, SOC operations, SIEM, and incident management
  • Strong understanding of network and security concepts and SIEM technologies (e.g., ArcSight, Splunk, QRadar, LogRhythm)
  • Holds industry-recognised certifications such as CEH, CCNA Cyber Ops, Security+
  • Excellent analytical and communication skills
  • Degree in Computer Science, Information Technology, Engineering, or a related field
  • Experience in global customer handling and event analysis
  • Demonstrates integrity, self-motivation, and cultural sensitivity
Job Responsibility:
  • Investigate, analyse, and triage security alerts using CSOC tools
  • Document event and case analysis in the incident management system and manage cases through closure
  • Perform historical analysis of detected events and support incident managers
  • Participate in daily stand-up calls and contribute to knowledge base development
  • Collaborate with local market CSIRT teams and ensure effective communication across global teams
  • Proactively reduce alert volumes through fine-tuning and process stabilisation
  • Communicate emerging threats and malware behaviours clearly to stakeholders
  • Ensure mitigation measures are in place to reduce spam and phishing alerts
  • Maintain composure under pressure and respond effectively during emergencies
What we offer:
  • Opportunity to work in a global 24/7 cyber defence environment
  • Exposure to advanced security tools and technologies
  • Collaboration with international teams and senior security experts
  • Contribution to Vodafone’s mission to protect digital assets and infrastructure
  • A dynamic and inclusive workplace that values continuous learning and innovation