Cyber Security Analyst
Paris, France
Ledger
Secure your crypto assets such as Bitcoin, Ethereum, XRP, Monero and more. Give yourself peace of mind by knowing that your cryptocurrencies are safeFounded in 2014, Ledger is the global platform for digital assets and Web3. Over 20% of the world’s crypto assets are secured through our Ledger Nanos. Headquartered in Paris and Vierzon, with offices in UK, US, Switzerland and Singapore, Ledger has a team of more than 900 professionals developing a variety of products and services to enable individuals and companies to securely buy, store, swap, grow and manage crypto assets – including the Ledger hardware wallets line with more than 6 millions units already sold in 200 countries.
Ledger is actively seeking a Cyber Security Analyst who will serve as a crucial link in our cybersecurity chain for the Security Operation, with a specific emphasis on maintaining vigilance over security events, managing internal and external user-reported vulnerabilities, and ensuring comprehensive visibility of security automation efforts across the organization. This role demands a proactive approach to identifying and mitigating threats, utilizing our SIEM, security tools, and closely monitoring software vulnerabilities through our SBOM registry on a daily basis.A key aspect of this position is to oversee the organization's security automation, particularly the integration and effectiveness of GitHub workflows for SAST (Static Application Security Testing), ensuring that these automated processes are correctly working within our GitHub Actions. This role is foundational in upholding the security and integrity of our security operations.
Your mission
- Monitor security events with our SIEM and various security tools, ensuring a continuous overview of potential security threats.
- First contact with our 3rd security product partners.
- Engage in daily security operations focused on secret detection, CVE vulnerability tracking, license issues, via our SBOM registry, and the monitoring of new public CVEs
- Conduct initial triage and prioritization of user-reported vulnerabilities, facilitating prompt and effective resolution by the corresponding team (either Engineering or Infrastructure).
- Maintain visibility of the organization's security automation efforts, particularly the integration and performance of GitHub workflows for SAST within our GitHub Actions.
- Define and track clear metrics for the security operation organization, measuring performance and the effectiveness of security initiatives.
- Review, consolidate, and report SAST results to identify vulnerabilities trends in our software code base and contribute to the maintenance of high security standards in software development.
- Enhance and adhere to Ledger’s security protocols and practices, ensuring alignment with industry standards and best practices.
What we’re looking for
- Proven experience in cybersecurity analysis, with a focus on security event monitoring, vulnerability management, and incident response.
- Proficiency with SIEM tools and a thorough understanding of security technologies and methodologies.
- Skilled in defining, measuring, and reporting on key security metrics, showcasing the impact and progress of security efforts.
- Capable of prioritizing and managing responses to vulnerabilities with acute attention to detail and a proactive security instance.
What’s in it for you?
- Equity: Employees are the foundation of our success, and we award stock options so you can share in that success as we grow.
- Flexibility: A hybrid work policy.
- Social: Annual company outing for Ledgerdary Days, plus frequent social events, snacks and drinks
- Medical: Comprehensive health insurance policy offering extensive medical, dental and vision care coverage.
- Well-being: Personal development, coaching & fitness with our dedicated partners.
- Vacation: Five weeks of paid leave per year, in addition to national holidays and rest & relaxation (RTT) days.
- High tech: Access to high performance office equipment and gadgets, including Apple products.
- Transport: Ledger reimburses part of your preferred means of transportation.
- Discounts: Employee discount on all our products.
#LI-HG #LI-Hybrid
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Application security Automation Crypto GitHub Incident response Monitoring SAST SBOM SIEM Vulnerabilities Vulnerability management
Perks/benefits: Equity Fitness / gym Health care Insurance Medical leave Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Product Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Cybersecurity Analyst jobs
- Open Senior Information Security Analyst jobs
- Open Chief Information Security Officer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Security Specialist jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open IT Security Engineer jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open Network security-related jobs
- Open Windows-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Application security-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open SaaS-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open Security Clearance-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open Forensics-related jobs
- Open Kubernetes-related jobs