Information Security Consultant – Security Integrations

Eurofins Scientific is an international life sciences company, providing a unique range of analytical testing services to clients across multiple industries, to make life and our environment safer, healthier and more sustainable. From the food you eat, to the water you drink, to the medicines you rely on, Eurofins laboratories work with the biggest companies in the world to ensure the products they supply are safe, their ingredients are authentic, and labelling is accurate.

The Eurofins network of companies is the global leader in food, environment, pharmaceutical and cosmetic product testing and in agro-science Contract Research Organization services. It is one of the market leaders in certain testing and laboratory services for genomics, discovery pharmacology, forensics, advanced material sciences and in the support of clinical studies, as well as having an emerging global presence in Contract Development and Manufacturing Organizations. It also has a rapidly developing presence in highly specialized and molecular clinical diagnostic testing and in-vitro diagnostic products.

In over 30 years, Eurofins has grown from one laboratory in Nantes, France to 58,000 staff across a decentralized and entrepreneurial network of 900 laboratories in over 54 countries. Eurofins companies offer a portfolio of over 200,000 analytical methods to evaluate the safety, identity, composition, authenticity, origin, traceability and purity of biological substances and products.

In 2021, Eurofins generated total revenues of EUR 6.72 billion, and has been among the best performing stocks in Europe over the past 20 years.

Job Description

• Security Integrations, Engagement & Metrics is the bridge between GSC Information Security and our stakeholders (RISOs, ITISCs, Business) ensuring service excellence in the delivery of our security services.
• The team drives strategic security initiatives and fosters continuous improvement to protect critical business assets and enable confident growth.
• The Information Security Consultant – Security Integrations is responsible for the roadmap, design, product ownership and vendor management for the concerned SOC tools. It includes strategic project consultancy and implementation, but also L3 support and automations.
• From operational perspective, the Information Security Consultant – Security Integrations is accountable for the configuration, successful deployment and daily operations of the security tool(s) in his/her scope.

Specific Assignments

The main responsibilities of an Information Security Consultant – Security Integrations are:

• Act as the subject matter expert for the Eurofins in scope SIEM/Log Management/SOAR solution
• Ensure operational stability and performance of the in scope SIEM/Log Management/SOAR solution
• Document and maintain SIEM/Log Management/SOAR solution
• Monitor and recommend improvements for any of the in-scope solutions
• Ensure Operations are run correctly by preparing relevant trainings and SOPs for the staff.
• Provide L3 technical support to our customers
• Analyse, troubleshoot, and remediate issues with the SIEM, Log Management or SOAR solution.
• Engage external tools/service providers to troubleshoot complex issue

• Incorporate change and patch management for the in-scope solution.
• Provide support to manage SIEM/Log Management/SOAR components, parsing/normalization of logs, rule engine, log storage, source device, log collection and event monitoring
• Build and maintain client relationships both internally and externally.
• Support the Security Group in day-to-day activities.
• Provide expert level project consultancy

• Minimum of 6 years of operational experience in a Security or Security oriented IT role (cybersecurity, IT Operations etc.)

Required

• Solid experience in deploying, managing or operating large scale SIEM or log management solution(s).
• Good practical experience in debugging Linux/Windows based operating systems
• Solid understanding of
• Cloud technologies and concepts
• Security threats and attack vectors
• Log management concepts
• The workings of networking technologies, firewalls, proxies etc.
• Ability to understand large scale and complex IT infrastructures
• Practical experience with Azure/AWS Environment enterprise environments
• Practical experience with observability platforms
• Ability to document processes and procedures

Appreciated

• Experience in security Incident detection and management.
• Experience managing DNS, and web filtering/proxy
• Knowledge of the MITRE ATT&CK / D3FEND framework.
• Knowledge of SOC2/NIST/ISO27001
• Project coordination or structural follow up/action tracking experience.

• Very good English communication skills (concise writing and orally convincing).
• Very good interpersonal relation skills at all levels of the organization.
• Ability to translate technical requirements to non-technical people.
• Ability to work in a complex international environment.
• Eager to learn and continuously develop personal and technical capabilities.

• M.Sc. or comparable education in Information Technology or Information Security.
• Languages: fluent English (B2/C1).

Professional working proficiency in English is a requirement, including the ability to read, write and speak in English.