SOC Platforms Analyst

Passionate about cybersecurity and automation? Join us to craft cutting-edge detection rules, emulate adversaries, and defend against emerging threats. If you love coding, solving complex problems, and working in a dynamic team, this is your chance to make an impact

About the job

YOUR FUTURE CONTRIBUTION

Main missions :

Reporting to the Security Operations Center Executive Manager, your main responsibilities will be to:

• Participate in detection engineering: Collaborate with Detection Engineers to design, develop, and maintain detection rules within the SIEM to identify emerging threats.

• Conduct adversary emulation activities: Implement attack scenarios (based on the MITRE ATT&CK framework) to test the effectiveness of existing detection rules and identify blind spots (Purple Teaming).

• Analyze and qualify alerts: Contribute to the analysis of false positives to refine detection rules (Tuning) and improve the signal-to-noise ratio for SOC analysts.

• Conduct cybersecurity intelligence (CTI): Monitor new attack techniques (TTPs) and propose innovative detection methods based on current cybersecurity news.

• Documenting processes: Writing technical documentation for detection rules and associated response procedures (Playbooks) for the analysis teams.

…You will develop :

• Expertise in "Detection as Code": Applying software development principles (CI/CD, Git) to cybersecurity.

• An offensive security mindset: The ability to think like an attacker to better defend (Red Teaming / Adversary Emulation).

• Advanced scripting skills: Automating complex tasks using Python or PowerShell.

• A rigorous methodology: Mastering the complete lifecycle of a detection rule.

Expected skills & experience

We are looking for someone with the following experience and skills:

Technical skills

• Strong proficiency in Python and PowerShell, as well as mastery of Git (essential for this position).

• Basic knowledge of Windows and Linux administration.

• General understanding of Active Directory operation and network concepts (TCP/IP, DNS, etc.).

• General understanding of attack techniques and the MITRE ATT&CK framework.

• Knowledge of SIEM operation (architecture, querying) and cloud security concepts (Azure/AWS) is a plus.

Languages : Fluent English and French (all documents must be written in English).

Outils informatiques :

• Office 365, Microsoft Teams 

Soft skills

• Problem solver / solution-oriented

• Autonomous

• Good communication skills

• Analytical and synthesis skills (critical thinking)

• Organized

• Professional (handling confidential documents, meeting deadlines, etc.)

• Kind, attentive, and willing to give and receive regular feedback

Where will you be in the organization?

The division

About our entity: AXA Group Operations is a sustainable, technology-driven business. Our entity is one of the key drivers of the AXA Group's transformation. We are working to strengthen the evolution of our insurance business model through technology, operations, data, and innovation. We ensure its concrete implementation on a global scale with recognized expertise in quality of execution and customer service. We operate in 16 countries with highly qualified and committed teams.

What we offer

We bring together the expertise, cultural diversity and creativity of over 8,000 employees worldwide and we're committed to equal opportunities in all aspects of employment (gender, LGBT+, disabled persons, or people of different origins) and to promoting Diversity & Inclusion by creating a work environment where all employees are treated with dignity and respect, and where individual differences are valued.

About the entity

AXA is becoming a sustainable tech-led company and at AXA Group Operations we are one of the major catalysts for this transformation. 

We set the tone by triggering and empowering the evolution of our insurance business model through technology and innovation, driving its concrete implementation globally at speed, with a high quality of advisory and execution.

We are present across 17 countries with committed, highly qualified teams. We leverage technology, data, sourcing, security and investment allocation in a global way, but also achieve economies of scale and synergies when necessary.

At AXA Group Operations, we want to be recognized in three fields of action:

• State-of-the-art Data Technology to drive customer experience
• State-of-the-art Procurement & Sourcing to drive efficiency and better manage risks
• High-Performing Global Team for stronger partnerships with AXA entities

About AXA

As a world-leading insurance company, we act for human progress by protecting what matters. With 153,000 employees in 54 countries working for 105 million customers, we've created a truly dynamic and vibrant community. Inclusion and diversity link closely with our values, and together we're nurturing a culture of respect, for each other, for our customers and the communities around us. Join AXA and you'll feel like you belong, are included and can thrive. You'll be able to shape the way you work and truly grow your potential as you seek out new opportunities, push boundaries and benefit people in critical moments of their lives. This is your chance to build the tomorrow you want. Know you can.