Information Systems Security Analyst - Reserve list exercise

Lyon, France, 69006

Interpol

INTERPOL enables police in our 196 member countries to work together to fight international crime.


Vacancy Notice 1067

 

INTERPOL is the world’s largest international police organization, with 196 Member Countries. Created in 1923, it facilitates cross-border police co-operation, and supports and assists all organizations, authorities, and services whose mission is to prevent or combat international crime. 


INTERPOL strives to achieve a diverse and inclusive workforce and welcomes applications from individuals with diverse backgrounds, experiences, and perspectives. To achieve our Diversity goals, we encourage applications from women and nationals of under/unrepresented member countries who are passionate about our mission. INTERPOL’s recruitment process is merit-based hence all hiring decisions are made considering the applicant’s qualifications and the needs of the Organization.

 

Job Title: Information Systems Security Analyst - Reserve list exercise
Reporting To: Security Operations Centre Manager
Location: Lyon, France
Type of contract: Fixed-term contract
Duration (in months): 36.00
Grade: 5   
Number of post: Reserve list exercise
Level of Security screening: Enhanced
Deadline for application: 9 April 2025

 

 

Conditions applying for all candidates

 

Only professional experience for which candidates can provide official proof of employment will be considered. Candidates could be requested to provide copies of such official documents prior to interviews/test.

 

This selection exercise will be used to generate a reserve list of suitable candidates that may be used to address the Organization's similar staffing needs in the future.

 

Tests/interviews in connection to this selection procedure will take place approximately 3 to 4 weeks after the deadline for applications. Applicants are kindly requested to plan their availability during this period accordingly, in case they are short-listed.

 

Selected candidates will be expected to report for duty approximately two to three months after receiving an offer of employment at the latest.

 

 

 

 

 

INTRODUCTION OF POST

 

 

The post-holder reports to the Security Operations Center Manager.


The Information Systems Security Analyst must know how to source, install and maintain various security systems, including but not limited to unified threat management (UTM), messaging gateway, security information and event management (SIEM), encryption system and endpoint security.


As part of the Security Operations Center (SOC) team, the Information Systems Security Analyst is required to observe server logs, firewall logs, intrusion detection logs, web filtering and antiviral systems for any unusual or suspicious activity, in order to prevent compromise. Conducting Incident Management, Business Impact Analysis (BIA) and Disaster Recovery Planning (DRP) is crucial, as well as ensuring that recovery configurations are updated frequently.


The Information Systems Security Analyst is obligated to monitor external sources to find available security patches, and is to prioritize them and make recommendations for implementation.


Finally, the Information Systems Security Analyst is expected to demonstrate knowledge in the planning and creation of organization security documents and architecture. It is important to remain up to date with detailed knowledge of the IT security industry. This includes the awareness of new or updated security solutions, improved security processes and the development of new attacks and threat vectors.

 

 

PRIMARY DUTIES

 

 

Duty 1: Security and Collaboration in Operations

  • Participate in Security Operations Center (SOC) activities, SOC process improvement and support on-call duties / shift working time.
  • Monitor computer security risks, network events and signals from security tools to identify probable security incidents and communicate information to the relevant stakeholders as necessary.
  • Respond to IT security incidents, review daily alerts, perform triage, carry out in-depth investigations on security events and comply with Interpol’s Incident Management Process.
  • Evaluate events, incidents and attacks, identify the root cause of the attack, implement required security actions to counter the attack, and restore system operations.
  • Proactively explore the weaknesses and vulnerabilities in IT infrastructure.
  • Analyze threats and catch indicators of compromise, indicators of attack and advanced persistent threats.
  • Provide strategy for containment, eradication and recovery procedures based on the Disaster Recovery Plan.
  • Ensure a technology watch in order to remain up to date with new developments, trends and techniques in the domain of IT security.

 

Duty 2: Security Engineering

  • Maintain, configure and fine-tune IT security tools and related products, for example (not exhaustive): SIEM, SIM, UEBA, SOAR, Reverse Proxies, Directories, Identity Management, Identity Access, Antivirus, Vulnerability scanners, PKI, Authentication, Application Firewalls, etc.
  • Perform SIEM implementation and management: rules, logic, actions and alert creation to detect potential security incidents across the organization.
  • Gather requirements, perform troubleshooting, aid with the creation of SIEM search queries, improve the effectiveness and quality of the current detections, and reduce numbers of false positives.
  • Ensure that proper use cases, operational controls, procedures, tests and documentations are in place to quickly move from test to production.
  • Proactively seek to improve and develop new strategy based upon observed security events.
  • Perform deep data analysis to gain valuable understanding of the data.
  • Request to onboard new data sources into the SIEM.
  • Perform automated health checks, and ensure effectiveness of events and incident detection.

 

Duty 3: Security and Risk Management

  • Assist the SOC Manager by ensuring feasibility and coherence between organizational security policies and those of the IS&T Operations Sub-Directorate.
  • Propose mitigation steps based on presented Risk Assessments.
  • Participate in initiatives to inform and train colleagues about security awareness and best practices.
  • Assist the SOC Manager in drafting and maintaining various internal Standard Operating Procedures.
  • Assist the SOC Manager in contributing to the IS Directorate yearly business plan and roadmaps.
  • Liaise with the SOC Manager in order to escalate any strategic IT security risks linked to technology or within the scope of work of the IS&T directorate.
  • Execute the relevant security audits, assessments, penetration tests etc. and advise the SOC Manager on corrective actions or enhancements to IT products or projects.

 

Perform any other duties as required by the SOC Manager.

 

 

REQUIREMENTS

 

 

Training/Education required

  • Three-to-four years’ education at a University or other specialized higher education establishment, in the field of software engineering, computer science, information technology, information security, mathematics, engineering or a related field preferred.
  • One or more internationally recognized IT Security Certifications (CISM, CISSP, CEH, etc.)

 

Experience required

  • At least three years of experience in the IT security field is required. Preferably having already worked in a Security Operations Center (SOC).

 

Languages

  • Fluency in English (written and spoken).
  • Proficiency in another official working language of the Organization (French, Arabic, and Spanish) would be an additional asset.

 

Specific skills required

The ideal candidate would have all of the following, however candidates with a very strong background in some of the following will also be considered:

  • Knowledge of the “defense in depth” approach to security.
  • Experience of cryptographic solutions, accreditation and certification, and IT Security techniques and best practices.
  • Experience of IT risk management.
  • Technical expertise in Network & Security Infrastructure components: Web Servers, Reverse Proxies, Firewalls, Web Application Firewalls, Authentication, SSO, PKI, SIEM, etc.
  • Excellent knowledge of Common protocols and their implementation: HTTP, LDAP, DNS, DHCP, etc.
  • Knowledge of cloud security principles and techniques.
  • An understanding of server and storage technologies: NAS and SAN storage, Distributed File Systems, Server Virtualization, Containerization, Databases, Mail servers and Backups.
  • Experience working in DevSecOps environment.
  • Operating Systems: Windows & Linux.

 

Special aptitudes required 

  • The post holder must be a person of the highest integrity. Discretion and confidentiality are of paramount importance to this post.
  • Excellent communication skills are required including the ability to compromise on less significant matters whilst maintaining a strong position on important security issues.
  • Ability to prioritize accordingly;
  • Personal and professional maturity;
  • Ability to maintain objectivity and apply logical reasoning;
  • Ability to work in teams as well as individually;
  • Ability to work under pressure;
  • Good social skills, particularly in a multicultural environment;
  • Initiative, creativity (original thinking) and curiosity;
  • Ability to develop and maintain professional networks;
  • Ability to synthesize;
  • Good listening skills.