Job Description
Michelin CERT is a worldwide distributed team of dedicated Security Engineers with the mission to secure Michelin’s infrastructure worldwide. The Michelin China CERT team is an integrated part of the Michelin CERT. As such, it is responsible for coordinating the response to cyber security incidents and conducts forensic investigations within Michelin. Michelin CERT also takes part in strategic projects.
As Michelin China CERT Security Analyst you will:
Mission#1: CERT/SOC CN Management (Blue Team)
1. Prevent: Follow evolution of risky situations (internal or external).
● Manage external SOC for China team, ensure continuous improvement on detection and response
● Develop, coordinate and document the process for CERT CN local Security Incident Response with local stakeholders
● Analyze local threat Intelligence, ensure SOC CN's prevention, detection and reaction capability against new threats
● Manage and enhance local SIEM infrastructure and solution
● Study and implement new tools/solutions to increase capability of detecting unknown threats and attacks
Mission#2: CERT WorldWide missions
2. Manage security incidents (Business As Usual Mode)
● Ensure CERT CN team works properly as part of CERT WW Follow-The-Sun Organization
● Coordinate actions between CERT team and local business teams (industry, logistics, business, subsidiaries…) to follow local action plan.
● React: provide security expertise during a cyber crisis (impact / technical / survey / test malware in a lab / activate emergency procedure)
● Responsible for Incident Response actions (incident investigation, forensic analysis, mitigation and future improvement) on local security incidents
● Evaluate new emerging Cyber Security technologies
● Organize CRISIS and Incident Response simulation for local team in the zone
Mission#3: Red Team (Security by Design)
Penetration Test:
● Promote, organize and conduct penetration tests on Key projects.
● Provide comprehensive reports and guidance on mitigation actions.
Automated Scanning:
● Develop an automated scanning tool for collecting vulnerability information
● Collect and maintain a DB of detailed application components (with/without vulnerability) used by local team
Exercise:
● Plan and execute Red/Blue team exercises.
Mission#4: Be the local point-of-contact
Vulnerability Management:
● Review results from automatic scanners
● Provide support to explain vulnerabilities’ impact/gravity to local stakeholders
● Provide guidance and recommendations for remediating application vulnerability
Control strategy
● Participate/animate security awareness/training - local sessions
● Give the CERT input (threats, risks, incidents…) to risk analysis (project, site…)
● Provide technical support for local action plans (including industry, for local subsidiaries)
Projects
● For DCSE/SSI central projects (like SOC), be responsible for local actions
● Act as security technical subject matter expert in relation to the cyber controls required by local legal/regulation requirements (MLPS, PIPL, CSL, DSL)
Communication
● Be the CERT representative for the local security team and other counterparts
To make a difference, you must have:
● University degree (min. Bachelor) e.g. in Information technology or similar
● At least 2-3 years of relevant meaningful work experience in cyber security and incident response
● Strong analytical skills with the ability to understand complex technical systems with attention to detail and accuracy
● High interpersonal skills: clear and concise communication; able to address partners of different backgrounds and technical expertise
● Fluent in spoken and written English
Work Location
Address: Building 7, No. 518 Fuquan North Road, Changning District, Shanghai


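Posted by
HR
Michelin (China) Investment Co., Ltd.
- Automotive / Motorcycles
- 1,000+ employees
- Wholly foreign-owned enterprise / Foreign company representative office
- Building 7, No. 518 Fuquan North Road, Changning District, Shanghai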