PChoosing Capgemini means choosing a company where you will be empowered to shape your career in the way you’d like, where you’ll be supported and inspired by a collaborative community of colleagues around the world, and where you’ll be able to reimagine what’s possible. /ppJoin us and help the world’s leading organizations unlock the value of technology and build a more sustainable, more inclusive world. /ppbr/ppNo matter what moment of life we are in, wbe are DIVERSE /bin age, gender, nationality, family… we have been cbertified in Diversity and as an ETHICAL company /bmore than 9 years in a row!I /ppt doesn't matter if you are living your growth stage in life, LbEARNING /band TRAINING at all hours or if you need to consolidate yourself and appreciate FLEXIBILITY, CbONCILIATION /band tax and social BENEFITS to combine your personal and professional life. Wbhat really matters is that you can feel that you are WHERE YOU SHOULD BE to get the future you want. /b /ppbr/ppWbhat will you do in the project? /b /ppbr/pp bCibersecurity Engineer L2 + linux experience. /b /ppbr/ppWe are looking for a system admin engineer, with skills in Cybersecurity Operations Centre, proficient knowledge in administering Linux systems, preferably Red Hat Enterprise Linux (RHEL) /ppand practical experience in Distributed File System (DFS), SIEM and EDR. /ppHis primary responsibility is to conduct advanced threat analysis, using detailed investigative and forensic techniques to understand the root cause and extent of incidents /ppbr/ppTbo feel comfortable in the position, you need to be able to get along well with these knowledge and responsibilities: /b /ppbr/pulliDistributed File System: QTrees and security groups creation along with assignment to SVMs, Shares, etc /liliAdvanced Analysis: Perform deeper and more detailed analysis of incidents, evaluating sophistication and potential impact compared to level 1. /liliSpecialized Escalation: Handle incidents of greater complexity, escalating to higher levels and coordinating with specialized teams when necessary. /liliForensic Investigation: Conduct forensic investigations to determine the root cause of incidents and collect evidence for possible legal action. /liliSignature and Rule Development: Create and update signatures, rules, and behavioural profiles in detection tools to improve accuracy and effectiveness. /liliTechnical Advice: Provide technical advice to level 1 analysts, helping in the understanding and resolution of more complex incidents. /liliTool Optimization: Collaborate in the improvement and optimization of security tools, proposing adjustments and updates to keep up with threats. /liliCritical Incident Management: Coordinate the response to critical incidents, ensuring efficient execution of mitigation and recovery plans. /liliReview of Security Policies: Evaluate and update security policies and procedures, ensuring their alignment with best practices and regulations. /liliStaff Training: Provide ongoing training to Tier 1 staff and other teams on new cybersecurity threats, tactics, and techniques. /liliCoordination with Internal Teams: Collaborate closely with internal teams, such as the risk management and compliance team, to address specific security aspects. /liliDevelopment of Executive Reports: Prepare detailed executive reports on incidents, providing clear and concise information for decision making. /liliContinuous Process Improvement: Identify opportunities for improvement in incident response processes and contribute to their continuous evolution. /liliParticipating in Advanced Drill Exercises: Engage in more advanced cybersecurity drills to test responsiveness and improve team readiness /li /ulpbr/ppbRequired Skills: /b /ppbr/pulliProficient knowledge in administering Linux systems, preferably Red Hat Enterprise Linux (RHEL) /liliSolid knowledge of cybersecurity principles and practical experience implementing security measures /liliPractical experience in: /liliDistributed File System (DFS) /liliSIEM operation tooling (Microsoft Sentinel, IBM QRadar, Splunk, Chronicle). /liliEDR operation tooling (MS Defender, Symantec, CrowdStrike Falcon among others). /liliStrong understanding of TCP/IP networking, firewalls, and general network communication principles /liliStrong analytical and problem-solving skills /liliExcellent written and verbal communication skills. /liliHigh ability to multi-task, prioritize, coordinate, work well under pressure and meet deadlines. /liliExperience in incident, problem management, and/or change management. /li /ulpbr/ppbr/ppWe are looking for someone with high skills in scripting as well, very motivated and with a bgood level of English (at least a B2 spoken level) /b /ppNo Shift yes On calls. /ppModel of work: hybrid /ppbr/ppbr/ppWbe will evaluate all applications. /bAt Capgemini we have a wide range of training, face-to-face, online Certifications, etc. Ebven if you do not have 100% of the previous requirements, we would love to meet you! /b /ppbr/ppCapgemini is a global leader in partnering with companies to transform and manage their business by harnessing the power of technology. The Group is guided everyday by its purpose of unleashing human energy through technology for an inclusive and sustainable future. It is a responsible and diverse organization of over 360,000 team members in more than 50 countries. With its strong 55-year heritage and deep industry expertise, Capgemini is trusted by its clients to address the entire breadth of their business needs, from strategy and design to operations, fuelled by the fast evolving and innovative world of cloud, data, AI, connectivity, software, digital engineering and platforms. The Group reported in 2022 global revenues of €22 billion. /ppbr/ppApply now! /ppbr/p