Cyber Security Operations Specialist

• Continuously monitor security systems and networks for unusual activity or potential threats
• Analyse security alerts and logs to identify and respond to incidents
• Investigate security incidents and breaches to determine their cause and impact
• Coordinate the response to security incidents, including containment, eradication, and recovery
• Maintain a concise, audit-ready Incident Response Plan that defines severity matrix, escalation paths, decision authority, evidence handling, and communications (internal, executive, legal, regulator)
• Own a version-controlled repository of actionable playbooks (phishing, business email compromise, ransomware, webshell, data exfiltration, insider risk, credential theft, cloud token abuse)
• Ensure that logs from servers, cloud apps, domain controllers, proxies, domain controllers, email and smtp gateways, PUAM, firewalls are collected, easy to read, time-synchronized, and stored securely
• Build and maintain smart alert rules that spot real attacks (based on MITRE ATT&CK) and reduce noisy false alarms
• Create dashboards and weekly reports that show what we’re seeing and how fast we respond
• Stay updated on the latest cyber threats, vulnerabilities, and attack vectors
• Utilize threat intelligence and threat hunting techniques to enhance the organization’s security posture
• Work closely with Technology teams, management, and external partners to ensure a cohesive security strategy
• Participate in security audits and assessments
• Conduct forensic analysis of security incidents to determine root causes and prevent future occurrences
• Perform other tasks assigned by Line Manager

• Minimum of 3-5 years of experience in Security Operations and Threat hunting
• Bachelor's degree in computer science, information technology, cyber security, or a related field
• Proficiency in security tools (e.g., SIEM, IDS/IPS, firewalls)
• Knowledge of networking protocols and architecture
• Familiarity with operating systems (Windows, Linux) and cloud environments
• Strong analytical and problem-solving abilities to assess risks and respond effectively to incidents
• Excellent analytical and problem-solving skills
• Strong communication skills to effectively convey technical information to non-technical stakeholders. [French and English]
• Ability to work independently and as part of a team in a fast-paced environment
• A keen eye for detail to detect anomalies in data and logs
• Knowledge of legal, regulatory and privacy requirements, such as Personally Identifiable Information (PII) Protection and Payment Card Industry (PCI)/Data Security Standards and GDPR

Relevant certifications such as Microsoft Certified Security Operations Analyst Associate, Blue Team Level 1 (BTL1), CompTIA CySA+, or Certified SOC Analyst (CSA), ECIH or equivalent would be beneficial.