U.Neat

www.uneat.fr

1 Job

13 Employees

About the Company

We watch over the security of your information system. U.neat protects your information system proactively and defensively so that you can devote yourself to your operational activities with complete peace of mind. We enable you to evolve and to cope with an ever more hostile environment, without slowing down your teams' productivity. To face the multiplication of risks in an increasingly hostile environment, U.neat lets you confront threats with our Pentest, Cloud, Risk Management, DevSecOps, and Infrastructure experts.

Infrastructure and Cyber consultants, come and discover the positions we offer on our job board. We will be delighted to meet you and, together, to raise the level of IT security of our clients!

The message from Paul and Guillaume, founders of U.neat: "We have been working together for 5 years now. We can say that we know each other well and that we share the same vision of human relations at Uneat. But we won't say more: working at U.neat is something you experience. We are a young, growing team, and we are very enthusiastic about going after successes together. Let's talk about it together!"

#cyber #managementSSI #infrastructure #sauvegarde #cloud

Listed Jobs

Company Name
U.Neat
Job Title
Consultant CSIRT (senior)
Job Description
**Job Title:** Senior CSIRT Consultant

**Role Summary:** Provide expert consultation on cyber‑security incident response, conducting forensic investigations, orchestrating remediation, and enhancing CSIRT processes across SOC, CTI, and partner organizations.

**Expectations:**
- Lead advanced incident investigations and post‑incident analysis.
- Drive playbook automation, coordination of major incidents, and crisis communication.
- Continuously improve detection rules, knowledge‑base documentation, and CERT maturity.

**Key Responsibilities:**
- Execute forensic analysis of endpoints, servers, and network logs to identify attack vectors, scope, and attacker actions.
- Contribute to remediation: containment, eradication, restoration, and post‑incident verification.
- Author technical investigation reports and Incident Report Summaries (IRR).
- Design, automate, and maintain response playbooks using platforms such as TheHive, Cortex, and SOAR.
- Participate in major incident handling and cyber‑security crisis cells.
- Communicate technical findings to SOC, CTI, PSIRT, engineering teams, CERT‑FR, ANSSI, and external partners.
- Advise management on decision‑making during crises.
- Update and enrich incident knowledge base; conduct post‑incident reviews (REX).
- Identify SOC detection gaps and propose correlation rules.
- Help advance CERT capabilities through tool integration, automation, and maturity development.
- Leverage CTI information to anticipate threats and return indicators (IOCs) from investigations.

**Required Skills:**
- SIEM/EDR: Splunk, SentinelOne, CrowdStrike, ELK.
- Orchestration/Ticketing: TheHive, Cortex, MISP, OpenCTI, ServiceNow.
- Forensics & Analysis: Velociraptor, Autopsy, Volatility, Wireshark.
- Detection & Correlation: Sigma, Yara, Suricata.
- Systems: Windows, Linux, Active Directory, AWS, Azure.
- Strong analytical, communication, and crisis‑management abilities.

**Required Education & Certifications:**
- Bachelor’s degree in Computer Science, Cybersecurity, Information Systems, or related field (or equivalent professional experience).
- Industry certifications preferred:
  - CISA / CISSP / CISM / GCIH
  - GIAC Certified Incident Handler (GCIH) or GIAC Certified Forensics Analyst (GCFA)
  - OSCP or equivalent penetration testing credentials (optional).
Lyon, France
Hybrid
Senior
17-10-2025