The post in a nutshell:
The security incident response analyst generally works within a CERT (Computer Emergency Response Team) or CSIRT (Computer Security Incident Response Team). When malicious activity or an attack is suspected within the information system, the analyst examines the symptoms and performs technical analyses on the information system. The analyst identifies the attacker’s modus operandi and qualifies the extent of the compromise, then provides recommendations for the remediation and hardening of the attacked systems.
Equivalent titles: CERT analyst, CSIRT analyst, digital investigation specialist, incident handling analyst
- Monitor new vulnerabilities, new technologies and attack methods relating to the various components of the information system
- Feed threat intelligence databases
- Maintain and develop investigation tools
- Collect technical information from a large set of information systems and search for indicators of compromise
- Analyze the technical data collected in order to identify the attacker’s modus operandi and objective, and to qualify the extent of the compromise
- Write investigation reports
- Recommend incident workaround and remediation measures (remediation and hardening)
- Recommend measures to improve analytical capabilities (extraction of indicators of compromise)
- Prepare reports
Our advice: this position is open to women and men. Motivation and the desire to learn are the fundamental qualities for the success of your project. Don’t put up barriers for yourself; you can do it.
- Mastery of the information system, the urbanization and the architecture of the IS
- Post-mortem analysis (forensic): knowledge of analysis tools
- Post-mortem analysis (forensic): knowledge of legal procedures
- Cyberdefense: practice of network flow analysis
- Cyberdefense: knowledge of attack and intrusion techniques
- Cyberdefense: knowledge of scripting environment vulnerabilities
- Ability to report findings and explain them to non-technical audiences
- Writing reports adapted to different levels of audience
- Team work
- Ability to withstand pressure
- Ethical sense
Description of the profession in the ANSSI directory
The security incident response analyst may specialize as a system analyst, network analyst, or malicious code analyst.
How to access the job?
Education: Bac +5, including specialization in cybersecurity
Are you looking forward to long studies? Is your job goal to quickly lead multidisciplinary teams?
Or do you enjoy life on our campus so much that you want to stay forever?
The 5-year program is made for you.
Our Master program is adapted to professions with supervising responsibilities and addresses specific cybersecurity requirements. It allows you to deepen and refine your knowledge and skills in one of our 3 specialisations: Information Technology (IT), Industrial (OT) or Management of Cybersecurity Operations (SOC).
Same field jobs
Our school provides training in 21 cybersecurity jobs, from technical to supervising positions, from IT operations to industrial systems security. Here is the list of jobs you will be trained for by attending one of our training programs.