Senior Information Security Analyst (Detection Engineering)

Bengaluru, India

Applications have closed

Eurofins

World leader in food, environment, pharma product testing & agroscience CRO services; 61,000 staff across a network of more than 1,000 independent companies (940 laboratories) in 59 countries, offering over 200,000 analytical methods.


Company Description

About Eurofins

Eurofins Scientific is an international life sciences company, providing a unique range of analytical testing services to clients across multiple industries, to make life and the environment safer, healthier and more sustainable. From the food you eat to the medicines you rely on, Eurofins works with the biggest companies in the world to ensure the products they supply are safe, their ingredients are authentic and labelling is accurate. Eurofins is a global leader in food, environmental, pharmaceutical and cosmetic product testing and in agroscience CRO services. It is also one of the global independent market leaders in certain testing and laboratory services for genomics, discovery pharmacology, forensics, CDMO, advanced material sciences and in the support of clinical studies.

In just over 30 years, Eurofins has grown from one laboratory in Nantes, France to 58,000 staff across a network of over 1,000 independent companies in 54 countries, operating 900 laboratories. Performing over 450 million tests every year, Eurofins offers a portfolio of over 200,000 analytical methods to evaluate the safety, identity, composition, authenticity, origin, traceability and purity of biological substances and products. It also provides innovative clinical diagnostic testing services, as one of the leading global emerging players in specialised clinical diagnostics testing.

Eurofins is one of the fastest growing listed European companies with a listing on the French stock exchange since 1997. In FY 2021, Eurofins achieved a record revenue of over EUR 6.7 billion.

Eurofins IT Solutions India Pvt Ltd (EITSI) is a fully owned subsidiary of Eurofins and functions as a Global Software Delivery Center exclusively catering to Eurofins Global IT business needs. The code shipped out of EITSI impacts the global network of Eurofins labs and services.

The primary focus at EITSI is to develop the next generation LIMS (Lab Information Management system), Customer portals, e-commerce solutions, ERP/CRM system, Mobile Apps & other B2B platforms for various Eurofins Laboratories and businesses. Young and dynamic, we have a rich culture and we offer fulfilling careers.

Job Description

As part of the Security Analysis team, you will assess and reduce threats to Eurofins. The team is also responsible for: Network Reconnaissance, Security Intelligence, Threat Hunting, Proactive Penetration Testing (Purple Team), Anomaly Analysis, and Trapping and Coercion.

We are looking for someone who has experience in Information Security and wants to take the next step in the adventure. In the team's purple team capacity, candidates will be expected to manage and enhance the SIEM and security sensor rulesets and configurations. Candidates will work closely with the Security Intelligence and Threat Hunting team, Incident Response and monitoring analysts to define and tune rules and device security policies to meet the mission requirements.

Specific Assignments:

The main responsibilities of the Detections Engineer:

  • Responsible for creating, tuning and enhancing security policies on SIEM, EDR with a special focus on SIEM rules development;
  • Work with project teams to design, implement and distribute monitoring policies;
  • Implement detection methodologies across the MITRE ATT&CK framework;
  • Provide guidance on threat detection best practices, technical requirements, and integration;
  • Develop and maintain expertise in a wide variety of technology platforms, threat vectors, and threat actors and communicate it to technical and non-technical personnel;
  • Monitor and recommend improvements based on events or incidents of apparent security breaches detected by SIEM in areas including networks, applications, databases, systems, and endpoints;
  • Manage and improve information security documentation as required;
  • Provide support during investigations and threat hunt missions as required.

Qualifications

Overall 4-7 years of experience and a minimum of 3 years of relevant experience in threat intelligence, intrusion analysis, incident response, malware analysis, security operations or a similar role.

Required

  • Expert level experience researching, creating and tuning SIEM rules in one or more products;
  • Basic proficiency managing and extracting data from common database standards;
  • Demonstrated understanding of the threat intelligence lifecycle, network threats, attacks, attack vectors and methods of exploitation with an understanding of intrusion set tactics, techniques and procedures (TTPs);
  • Demonstrated hands-on experience analyzing high volumes of logs, network data and other attack artifacts;
  • Basic understanding of IP networking technology, to include addressing, routing, common protocol usage, and network architecture;
  • Hands-on experience as an administrator configuring one or more of SIEM or Endpoint Protection, sufficient to make common changes unassisted;
  • Drive creation, maintenance and documentation of logging standards;
  • Design, build and maintain cyber threat detection tooling.

Appreciated

  • Proficient with one or more scripting languages such as PowerShell, Python, Bash, etc. in a threat intelligence or incident response environment;
  • Understanding of cloud security fundamentals (Azure, AWS, etc.);
  • Experience creating and tuning rules using common standards like Sigma, Snort, YARA.

Personal profile

  • Very good English communication skills (concise writing and orally convincing).
  • Very good interpersonal relation skills.
  • Ability to work in a complex international environment.
  • Eager to learn and continuously develop personal and technical capabilities.

Education required:

  • B.Sc. or M.Sc. in Information Technology or Information Security;
  • Languages: fluent English.

Additional Information

Personal Profile

  • Ability and willingness to work in an international environment;
  • Eager to learn and continuously develop personal and technical capabilities;
  • Very good communication skills in English (concise writing and orally convincing);
  • Very good interpersonal relation skills at all levels of the organization;
  • Very good presentation skills;
  • Hands-on attitude, showing initiative;
  • Attention to detail;
  • Self-organized with very good time management skills.

Languages requirement

  • English (excellent command required in both oral and written English).

Other

  • The position will be based in Bangalore (India).

Tags: AWS Azure Bash Cloud E-commerce EDR ERP Forensics Incident response Malware MITRE ATT&CK Monitoring Pentesting PowerShell Python Scripting Security analysis SIEM Snort Threat detection Threat intelligence TTPs

Perks/benefits: Startup environment Team events

Region: Asia/Pacific
Country: India