CSIRT Analyst

Sopra Steria is a listed European technology leader specializing in Consulting, Digital Services, and Software. With over 51,000 employees worldwide across Europe, North America and Asia, the Group supports organizations in driving their digital transformation and delivering sustainable business value.

In Asia Pacific, Singapore serves as the regional headquarter for Sopra Steria’s Infrastructure, Cloud and Cybersecurity services.

We are hiring a CSIRT / Cybersecurity Incident Response Analyst to assist one of our clients in the automotive industry. This role will act as the key liaison between local business and technical teams and the global cybersecurity operations team, supporting incident response, escalation management, and cybersecurity operations coordination for critical environments.

This role ensures strong proximity, rapid response capability, and expert-level support during complex or critical cybersecurity incidents. The candidate enhances mutual understanding between business, functional, and technical stakeholders, while ensuring efficient escalation handling, mitigation tracking, and incident coordination.

Key Responsibilities:

Operational Coordination & Proximity

• Serve as the local cybersecurity management contact
• Maintain close proximity to on-site teams to understand operational need, critical assets, operational priorities and constraints.
• Act as a trusted relay between stakeholders and central CDOC/SOC teams.

Incident & Escalation Management

• Facilitate and coordinate incident escalations to appropriate teams.
• Act as an escalation point for complex cases requiring expert arbitration or cross-team coordination.
• Ensure follow-up of mitigations, remediation plans, and corrective actions.

Advanced Incident Response Support

• Intervene in complex or critical cybersecurity incidents that fall outside standard response procedures and require advanced incident response expertise.
• Support and, when required, lead complex operational response actions, from containment to threat eradication.
• Oversee and validate technical remediation and system restoration, ensuring secure and controlled recovery of the information system.
• Guarantee alignment between technical risks, business impacts, and client priorities throughout incident handling.

Crisis Management

• Provide expert support to crisis management and assume a coordination role, under CSIRT guidance, during critical incidents, including major attacks or high-impact security events.

Requirements Translation & Solution Alignment

• Translate functional and business requirements into clear technical requirements for cybersecurity teams
• Contribute to the definition and alignment of global cybersecurity solutions, ensuring local constraints and feedback are considered.
• Support continuous improvement of detection, response, and operational processes.

Communication & Information Relay

• Ensure effective two-way communication:
• From sites to Detection & Response teams (context, impact, priorities).
• From central teams to local stakeholders (status, actions, recommendations).
• Promote knowledge sharing and operational best practices.

Continuous Improvement

• Actively contribute to improving daily operations, responsiveness, and service quality.
• Leverage experience and expertise to deliver daily added value to operational teams.

Key Skills & Competencies

• Strong knowledge of cybersecurity operations, SOC/CDOC environments, and incident response processes.
• Proven ability to coordinate across technical and non-technical stakeholders.
• Experience in incident management, escalation handling, and mitigation tracking.
• Ability to translate business needs into technical cybersecurity requirements.
• Strong communication, facilitation, and coordination skills.
• Autonomous, proactive, and solution-oriented mindset.
• Experience or Knowledge of products Sentinel and Logic Apps

Positioning

• Acts as a Level 3 operational relay between local teams and global CDOC functions.
• Key contributor to operational efficiency, risk reduction, and continuous improvement

•Work-life balance: Hybrid working mode and Work-from-Abroad benefits, 18 days of Annual leave
•Health & insurance: Comprehensive coverage including General Practitioner, hospitalization, dental, and optical
•Performance incentives: Annual bonus based on individual performance
•Learning & development: Training programs, certification opportunities, and training incentives to support career growth
•Team culture: Regular team-building activities and social events