Senior Security Analyst

Orange Cyberdefense, an Orange Group company, is one of the world's leading cyber security services and solutions providers.

Orange Cyberdefense enjoys 25 years’ experience in the field of global information security, providing products and services for leading organisations in over 160 Countries.

We are building a safer digital society, protecting individual and corporate freedom across geographies.

Working as a Senior Security Analyst

The role involves independently investigating potentially serious situations for large, international clients, requiring composure under pressure and precision in communication. Therefore, we expect you to already be familiar with one or more of the tool suites we use, such as Splunk, Palo Alto Cortex, Microsoft 365 Defender, Sentinel, and Cybereason, and have experience analyzing data within these platforms. Communication skills are a critical part of the role, as you will frequently need to convey technical information in a straightforward way and adapt your language to the audience.

As an analyst with us, your job will be to protect our clients from IT security attacks. Your responsibilities will include identifying and analyzing potential incidents and escalating them to our clients. You will have access to several SIEM, SOAR, and XDR tools. A senior analyst in our team is expected to stay updated on current threats and actively drive or participate in initiatives that enhance our capabilities, spread knowledge, or strengthen our clients’ defenses. You are the detective who proactively and reactively counters cyberattacks on behalf of our clientele.

This position involves working in a three-shift rotation (morning, afternoon, and night).

Key Responsibilities:

• Analyze incoming alerts to assess their credibility and severity.
• Independently evaluate and take appropriate actions.
• Document the progression of incidents.
• Inform and advise clients on incidents and responses.
• Hunt threats proactively.
• Build or modify detections.
• Improve existing procedures or design new ones.
• Contribute to our database of threats and indicators.
• Deconstruct malware and share insights with the team.
• Lead internal improvement initiatives with a high degree of autonomy.
• Participate in or coordinate collaborations with other parts of the organization, such as:
• Tabletop exercises
• Purple team exercises
• Exchanges like “line days”
• Develop training material, such as CTF (Capture the Flag) challenges, for internal use.
• Act as a mentor for new colleagues and guide their professional development.

What we expect of you:

• Experience working in SOC/CSOC organizations or related roles.
• Experience in coordinating and managing critical security incidents.
• Experience with the following tools: Palo Alto Cortex, Microsoft 365 Defender, Microsoft Sentinel, Splunk, Cybereason.
• Certifications such as CompTIA Security+, Network+, Pentest+, Cybersecurity Analyst+, Security Blue Team CBT-1, CBT-2, OSCP, or other offensive security certifications.
• For this specific team, as we work with the public sector, Swedish citizenship is required to undergo a security clearance.

What you can expect from us

• Never stop learning - We want to be the best in what we do and therefore we provide training, certifications and learning opportunities for every employee so you continuously enrich your skills.
• Transparency - Communication is key! So we organize company and team meetings on a regular base so everyone is informed properly.
• Reputable brand - You will join an internationally, growing company with over 25 years experience in the industry. This makes us experts in what we do. We have an international presence and yet local teams to assist our customers.
• The good life ...