Permanent contract

SOC/Cybersecurity Analyst Engineer

Starting in September 2025

Full-time

Phishia, a fast-growing consulting firm specializing in cybersecurity, artificial intelligence, and sustainability, is looking for a SOC/Cybersecurity Engineer/Analyst to contribute to its expansion and strategic positioning. Working directly with the founders, you will be involved in a variety of high-impact assignments in an agile, stimulating, and empowering environment.

Phishia is looking for a dynamic and motivated SOC / Cybersecurity Analyst Engineer to support the growth of its cybersecurity and Managed SOC activities.

About Phishia

Phishia is a consulting firm founded by two engineers, specializing in major technological and strategic challenges: cybersecurity, artificial intelligence, and sustainability. We support leading companies such as major CAC 40 players (Airbus, Bouygues, SNCF …), with recognized expertise in cybersecurity, the core of our business. Our cybersecurity and AI divisions are experiencing sustained growth, driven by strong demand, key regulatory challenges, and a pragmatic approach.
Joining Phishia means becoming part of a human-sized, ambitious, and committed organization, positioned at the heart of the digital and ecological transitions.

Main responsibilities

  • Monitoring & detection: monitor security events in real time via various SIEMs (Tetris, Google Sec Ops, Wazuh, Splunk); analyze, qualify, and escalate incidents.
  • Orchestration & correlation: leverage the Tetris platform (orchestration, multi-source correlation, automation) to enrich alerts, trigger playbooks, and reduce mean time to detection.
  • Endpoint protection: deploy, configure, and operate CrowdStrike Falcon, SentinelOne, Tetris, and Microsoft Defender for Endpoint EDR solutions to contain any malicious activity.
  • Network IDS/IPS: deploy and administer Zeek, Suricata, and Snort sensors to detect intrusion attempts on critical traffic.
  • Investigation & response: perform log analysis, forensic investigations, and write detailed incident reports; recommend immediate actions and track their implementation.
  • Scenario development: design and maintain correlation and detection rules based on the MITRE ATT&CK framework to improve coverage and reduce mean time to detection.
  • Automation & reporting: create scripts (Python/Bash) and dashboards (Grafana, Power BI) to automate repetitive tasks, track KPIs (MTTD, MTTR), and present SOC activity.
  • Threat intelligence & continuous improvement: maintain proactive monitoring of vulnerabilities, adversary TTPs, and regulatory requirements; update playbooks and participate in crisis management exercises.

Desired profile

  • Graduate of an engineering school or a Master’s degree (Bac+5) in cybersecurity, systems/networks, or equivalent
  • Proven experience or a highly motivated junior profile in a SOC or operational security role
  • Strong knowledge of Linux/Windows systems and network protocols
  • Proficiency with detection tools: SIEM, EDR, IDS/IPS, Wireshark, malware analysis tools
  • Strong written and verbal communication skills
  • Autonomy, rigor, analytical mindset, and technical curiosity
  • Good understanding of methodological frameworks: MITRE ATT&CK, NIST, EBIOS RM

What we offer

  • A strategic position within a fast-growing consulting firm, with rapid career progression
  • An advanced technical environment (lab, professional & open-source tools)
  • Assignments with high operational and strategic impact
  • A flexible work environment, remote-friendly, with a committed team
  • Continuous training (certifications, methodologies, threat intelligence, etc.)
  • Compensation based on profile, with additional benefits
  • Career development opportunities toward lead SOC, consultant, or CISO roles