Aller au contenu principal

CyberSecurity Engineer - CNI

00068895721


Job Summary

Collaborate with global cybersecurity teams to monitor investigate and respond to threats across Critical National Infrastructure environments using AlertLogic SIEM Splunk and Arcsight. Analyze high volume security events enhance detection content and support incident handling for Hi Tech clients in a hybrid work model while following day shift operations and ensuring strong cyber resilience.


Responsibilities

  • Monitor security events in real time using AlertLogic SIEM Splunk and Arcsight to detect suspicious activity across Critical National Infrastructure environments and Hi Tech platforms
  • Analyze correlated alerts to identify genuine security incidents while filtering out noise so that investigation efforts focus on the riskiest threats
  • Investigate security incidents end to end by collecting logs reviewing contextual data and documenting clear timelines that support decisive response actions
  • Coordinate with incident responders and infrastructure teams to contain threats eradicate malicious activity and validate successful recovery for affected systems
  • Develop and refine detection rules and correlation searches in AlertLogic SIEM Splunk and Arcsight to improve alert fidelity and reduce false positives over time
  • Create and maintain use cases and playbooks for common attack patterns targeting Hi Tech and Critical National Infrastructure environments to promote consistent incident handling
  • Perform root cause analysis on significant incidents and propose pragmatic control enhancements that reduce the likelihood of recurrence and strengthen security posture
  • Support vulnerability and configuration review activities by interpreting scan results and log data to highlight exploitable weaknesses in monitored systems
  • Collaborate with application cloud and network teams to integrate new log sources into SIEM platforms and validate that events are normalized enriched and searchable
  • Document investigation steps findings and corrective actions in case management tools with a high level of clarity that supports audit compliance and knowledge reuse
  • Produce concise operational reports and metrics that summarize incident trends tool performance and emerging risks for consumption by technical stakeholders
  • Contribute to continuous improvement of SOC workflows by suggesting automation tuning and process refinements that enhance efficiency and analyst experience
  • Participate in tabletop exercises and scenario based simulations that validate incident response readiness for Hi Tech and Critical National Infrastructure services
  • Assist with user awareness by sharing observed threat patterns and practical security hygiene recommendations that help reduce human related vulnerabilities
  • Coordinate with global teams in a hybrid work model to ensure consistent day shift coverage and smooth handover of ongoing investigations where required
  • Support adherence to regulatory and industry standards relevant to Critical National Infrastructure by aligning monitoring practices and documentation with policy expectations
  • Engage in knowledge sharing sessions to spread expertise on AlertLogic SIEM Splunk and Arcsight so that team capabilities grow collectively over time
  • Review new projects and technology changes impacting Hi Tech environments to provide input on logging monitoring and incident response requirements from the outset
  • Participate in threat hunting activities by exploring unusual patterns in logs and developing hypotheses that uncover stealthy or previously undetected malicious activity
  • Assist in evaluating and testing new security tooling or SIEM features that can improve detection quality analyst workflow and overall cyber defense effectiveness


Qualifications

  • Demonstrate practical experience in operating and tuning AlertLogic SIEM for log ingestion correlation and alert triage across complex enterprise environments
  • Apply hands on knowledge of Splunk searches dashboards and correlation rules to investigate incidents and deliver meaningful insights from high volume security data
  • Utilize working experience with Arcsight content development event schema and use case implementation to support robust and scalable security monitoring
  • Bring foundational understanding of cybersecurity principles including network security endpoint protection identity security and incident response lifecycle
  • Show exposure to Hi Tech or technology driven business environments where rapid innovation cloud adoption and complex architectures influence threat landscapes
  • Communicate technical findings clearly in both written and verbal form to diverse stakeholders so that recommended actions are understood and implemented
  • Collaborate effectively in hybrid teams while managing time and tasks independently during day shift operations without the need for frequent supervision
  • Display willingness to learn new security tools develop advanced SIEM skills and stay current with evolving threats that affect Critical National Infrastructure and Hi Tech sectors
  • Hold a formal degree or equivalent experience in information security computer science or a related discipline that supports analytical and problem solving skills


Certifications Required

Preferred certifications include CompTIA Security Plus or equivalent SIEM focused training such as Splunk Certified Core Power User

La communauté Cognizant : 

Nous sommes une équipe de professionnels dont les membres s'apprécient et se soutiennent mutuellement. Nos collaborateurs sont les garants d'un lieu de travail dynamique, collaboratif et inclusif où chacun peut s'épanouir.

  • Cognizant est une communauté mondiale qui compte plus de 300 000+ collaborateurs dans le monde entier.
  • Nous ne nous contentons pas de rêver de façons idéales, nous apportons des améliorations concrêtes
  • Nous prenons soin de nos collaborateurs, de nos clients, de notre entreprise, de nos communautés et du climat, en faisant ce qui est juste.
  • Nous favorisons un environnement innovant où vous pouvez construire le plan de carrière qui vous convient.

À propos de nous : 
Cognizant (NASDAQ : CTSH) est un concepteur d’IA et un fournisseur de services technologiques. Avec notre gamme de solutions IA full-stack, nous accompagnons nos clients au carrefour de l’investissement dans l’IA et de la valeur ajoutée. Notre grande expertise sectorielle, des processus et de l’ingénierie nous permet de convertir le contexte propre à chaque entreprise en systèmes technologiques amplificateurs du potentiel humain, générateurs de résultats tangibles et garants de l’avantage des acteurs internationaux dans un monde en constante évolution. Découvrez notre méthode sur www.cognizant.com ou suivez @cognizant.

Cognizant est un employeur soucieux de l'égalité des chances entre candidats. Votre candidature sera étudiée indépendamment de votre race, couleur, sexe, religion, croyances, orientation sexuelle, identité de genre, origine, handicap, informations génétiques, grossesse, statut d'ancien militaire ou de toute autre critère jugé discriminant par les lois européennes ou françaises.

Vous êtes porteur d'un handicap, vous pouvez-nous contacter par courriel [email protected] si vous souhaitez préciser les aménagements nécessaires pour le poste ou les entretiens à venir.

Mentions légales : 
Les informations relatives à la rémunération du poste à pourvoir dépendent de la date de publication de l’offre de poste. Cognizant se réserve le droit de modifier ces informations à tout moment, sous réserve des lois applicables.

Les candidats peuvent être invités à participer à des entretiens en face à face ou par vidéoconférence. En outre, les candidats peuvent être amenés à présenter une carte d'identité valide lors de chaque entretien.

Rejoignez notre communauté de talents

Vous n'avez pas encore trouvé la bonne opportunité ? Recevez les dernières offres d'emploi, les événements de recrutement et les actualités de l'entreprise qui vous concernent particulièrement.

S'inscrire