← All verified jobs

SOC analyst

clicktale Paris Area, France

See all open roles at clicktale

Ghost-risk verdict

Likely real

  • 57 open roles at this company in 30 days (mass-hiring blitz)
  • no salary disclosed (correlates with ghost postings)

How we score ghost risk →

See your fit for this role and apply with a truthfully tailored résumé.

See my fit, free

About the role

Key Responsibilities

As a core operational member of the DevSecOps Team, you will be responsible for the day-to-day monitoring and initial response to security alerts. Your responsibilities include:

Alert Triage & Investigation: Monitor, triage, and investigate security alerts daily (including phishing alerts) using our central SIEM ( Google SecOps ). You will act as the first responder to qualify events, filter out false positives, proactively look for remediation, and collaborate with internal teams to resolve issues quickly, in addition to escalating confirmed incidents to Senior Analysts (N2/N3).

Multi-Source Threat Monitoring: Analyze logs and security events across our diverse, modern ecosystem, including:

Cloud infrastructure logs via AWS CloudTrail and Azure Activity Logs .

Endpoint and cloud workload telemetry via CrowdStrike (EDR + CNAPP) .

Identity, access, and collaboration events from Okta and Google Workspace .

Code repository and CI/CD security alerts from GitHub .

Incident Response & On-Call Rotation: Participate in the investigation of security breaches. To ensure 24/7 protection of our global platform, you will take part in an on-call rotation to handle critical security incidents outside of regular business hours.

Playbook Optimization: Assist in continuously improving our detection capabilities by documenting your findings, updating SOC playbooks, and suggesting rule-tuning to reduce alert fatigue.

Vulnerability & Threat Tracking: Monitor and follow up on vulnerability resolution actions and stay informed about the latest threat landscape and common attack vectors.

AI/LLM Incident Augmentation: Optimize and augment incident response capabilities by leveraging AI and LLM-based agentic workflows to automate data enrichment, accelerate threat investigation, and improve response efficiency.

Desired Skills and Attributes

Education & Experience

You hold a Bachelor’s or Master’s degree (Bac +5) in IT, Cybersecurity, or equivalent training.

You have initial experience (0 to 3 years, including internships or work-study programs) in an IT security role, ideally within a SOC.

Technical Competencies

Cloud & Environments: Familiar with modern cloud applications and environments. Good grasp of cloud computing architectures (AWS/Azure) and their associated security risks.

Security Monitoring: Basic understanding of how to query and analyze logs within a SIEM (experience with Google SecOps, or similar SIEM is a plus).

Endpoint Security: Familiarity with Endpoint Detection and Response (EDR) solutions and cloud native application protection platforms (CrowdStrike preferred).

Identity & Network Basics: Strong knowledge of web protocols, common attacks (OWASP), and identity management systems (Okta, SSO, MFA).

Scripting: Basic scripting skills (Python, Bash) to help automate repetitive triage tasks or data enrichment are highly appreciated.

Soft Skills

Analytical & Calm: You demonstrate strong analytical skills, attention to detail, and the ability to stay calm and methodical during high-pressure security incidents.

Availability: You are willing and able to participate in an on-call schedule (weekends) to support our 24/7 security posture.

Team Player: You enjoy working collaboratively in a team while being autonomous in your daily triage tasks.

Fluent in English (both written and spoken). French is a strong plus.

Location

In our Paris office (Headquarters), France.

Stop applying to ghosts.

OyaPilot surfaces only verified, real jobs, scores your fit, and tailors your application truthfully.