- Company Name
- MLO CONSULTING
- Job Title
- Blue Teamer – Experienced (M/F)
- Job Description
**Job Title:** Blue Teamer – Experienced (M/F)
**Role Summary:**
Lead security operations: continuously monitor for, detect, and respond to cyber incidents. Strengthen the organization’s resilience by maintaining detection solutions, conducting forensic investigations, and collaborating with the Red Team and business units.
**Expectations:**
- Proactive incident response and threat mitigation.
- Continuous improvement of detection rules, playbooks, and security posture.
- Clear documentation, reporting, and knowledge sharing with stakeholders.
**Key Responsibilities:**
1. Monitor security alerts through SIEM (Splunk, QRadar, etc.) and other detection tools.
2. Analyze, contain, eradicate, and remediate security incidents.
3. Deploy and maintain detection solutions (EDR, IDS/IPS, honeypots).
4. Perform forensic analysis and post‑incident investigations.
5. Develop and refine detection rules and response playbooks.
6. Conduct threat intelligence activities (collect and operationalize IOCs and adversary TTPs) and adapt defenses accordingly.
7. Collaborate with Red Team to test and enhance security controls.
8. Educate and train operational teams on security practices.
9. Document incidents, procedures, and corrective actions.
**Required Skills:**
- Security monitoring & correlation (SIEM, EDR).
- Incident response (analysis, containment, remediation, crisis coordination).
- Forensics (volatile memory, log analysis, evidence collection).
- Defensive tooling (IDS/IPS, firewalls, honeypots).
- Threat intelligence (CTI, IOCs, TTPs).
- Scripting & automation (Python, Bash, PowerShell).
- Strong communication and documentation.
- Team collaboration and instructional ability.
**Required Education & Certifications:**
- Bachelor’s to Master’s degree in Cybersecurity, Computer Science, or related field.
- 3‑7 years of operational security experience (SOC, CERT, Blue Team).
- Certifications valued: GCIA, GCIH, CEH, CySA+, SSCP.