Information Security Incident Handler (F/H)

Location: 92-HAUTS-DE-SEINE, France
Experience level: Experienced Hire
Job details sector: Information Technology
Apply before: Date not available
Job purpose
  • Handle security incidents to ensure timely mitigation and escalate to appropriate incident resolver groups and leadership as required
  • Handle high severity incidents during non-working hours (on-call)
  • Assess, analyse, categorize, classify and investigate security incidents
  • Collect and document evidence needed for investigation and digital forensics
  • Control and contain security incidents
  • Follow up on security incident resolution and track updates in the ticketing tool
  • Notify and communicate to relevant stakeholders
  • Support SOC Security Analysts and local security incident handlers
  • Perform lessons learned activities, e.g. security incident reviews, post mortem documentation…
  • Participate in use case development and SIEM rules threshold tuning



Key responsibilities

  • Security Incident Handling
  • Security Incidents reports and lessons learned
  • Communication to stakeholders
  • Security Incident Handling documentation
  • Collect and document data from a variety of sources to assist incident response actions




  • Bachelor's degree in Computer Science or Information Security would be desirable but is not essential



  • Recommended: Security infrastructure certifications
  • Recommended: ITIL foundation
  • Optional: GIAC GCFA (SANS FOR508)
  • Optional: Offensive security certification (OSCP, SEC560, CEH)


Overall work experience in the field

  • Demonstrated experience in performing information security incident analysis and response > 1 year
  • Demonstrated experience in SOC/CSIRT > 2 years
  • Demonstrated experience in network / security infrastructure administration > 1 year
  • Demonstrated experience in Linux/Windows administration > 1 year
  • Demonstrated experience in large and complex organisation(s) > 1 year
  • Demonstrated experience in usage of ticketing tools
  • Demonstrated on-the-job experience with any of the standard commercial SIEM tools


Technical Skills / abilities

  • Ability to identify risks, threats, vulnerabilities and associated attacks that might involve: malicious code, protocol/design/configuration flaws…
  • Strong troubleshooting and analytical skills
  • Understanding the Internet and detailed knowledge of network protocols (Ethernet, 802.11.X, IP, ICMP, TCP, UDP…)
  • Knowledge of application/services related protocols (DNS, SMTP, HTTP, FTP…)
  • Knowledge of network infrastructure elements and architecture (Firewall, Proxy, IPS, WAF…)
  • Knowledge of current security vulnerabilities and related attack methodologies
  • Detailed knowledge of packet capture analysis and usage of associated tools
  • Detailed knowledge of log management (Syslog, CEF, debug levels, parsing…)
  • Knowledge of encryption algorithms, digital signature mechanisms and PKI
  • Knowledge of scripting, character manipulation and regular expressions


Personal Skills / abilities

  • Organized with a proven ability to prioritize workload, meet deadlines, and utilize time effectively
  • Good interpersonal and communication skills, works effectively as a team player
  • Common sense to make efficient and acceptable decisions
  • Willingness to continue education and to stay up to date, passionate about IT and information security
  • Ability to work under pressure
  • Ability to look up information and to solve unknown problems
  • Diplomacy when dealing with other parties
  • Ability to function effectively in a matrix structure
  • Cross cultural sensitivity, flexibility
  • Fluent in English

Would you like to wake up every day driven and inspired by our noble mission and to work together as one global team to empower people to live a better life? Here at AXA we strive to lead the transformation of our industry. We are looking for talented individuals who come from varied backgrounds, think differently and want to be part of this exciting transformation by challenging the status quo so we can push AXA - a leading global brand and one of the most innovative companies in our industry - onto even greater things.
In a fast-evolving world and with a presence in 64 countries, our 166,000 employees and exclusive distributors anticipate change to offer services and solutions tailored to the current and future needs of our 103 million customers.

To support our business strategy and digital transformation, AXA is building a new Group Security Practice to ensure a coordinated response to the increasing cyber security threat, enable risk decisions to be made consistently across the organization and establish sustainable security capabilities that are integrated with the business.
Our vision for Information Security is to ‘protect our stakeholders by securing our information assets, managing our cyber risk and enabling business strategies in an efficient and effective way, fully supported by executive leadership and underpinned by all AXA employees’.

At AXA, we lead an HR policy that encourages diversity, maintains your professional and private life balance and accelerates skills and career development: promotion of diversity, remuneration policy, training programs, ... Discover everything that makes AXA an employer of choice.
Whatever your job is, we strive to offer you career opportunities. Our goal is to develop your skills to support the transformation of our changing business.