How would you like to work in IT & Communication, toying with cutting edge technologies and enjoying your life? Come closer to #LifeAtOrange.

What we’re looking for

We are looking for a Security Incident Operations Analyst focused exclusively on governance.

You will own the rules, processes, oversight and reporting for how security incidents are managed across the organization and provide assurance to management that incidents are handled consistent with policies, risk appetite and regulations.

What you’ll be doing

• Design, maintain and improve the Security Incident Management framework (procedures, RACI, communication flows).
• Develop and update incident response playbooks (phishing, malware, data leakage, privilege abuse, etc.).
• Oversee, from a governance perspective, how SOC/CERT, IT and providers detect, triage, escalate and close incidents.
• Review and challenge severity, impact and classification of incidents.
• Define and track KPIs & dashboards (SLA compliance, business impact, etc.).
• Lead post‑incident reviews, follow up on corrective and preventive actions.
• Ensure alignment with risk management, ISMS, BCM, and regulatory requirements (ISO 27001, NIST, PCI DSS, data protection).
• Act as central point of contact on incident governance for InfoSec, SOC/CERT, IT, business units and external providers.
• Coordinate exercises and simulations and maintain a threat & incident landscape view for management.

What you need to know/have:

• Bachelor’s degree in Computer Science, Information Security, Engineering or similar.
• 3–5+ years in information security (SOC/CERT/IR, GRC, IT risk or IT audit).
• Strong knowledge of security standards and incident response (ISO 27001/27035/27005, PCI DSS).
• Familiarity with SIEM, DLP, IDS/IPS, EDR, AV, vulnerability scanners to challenge use cases and understand reports.
• Experience in process design, documentation, improvement, and KPI‑based reporting.
• Understanding of legal and regulatory aspects of incidents (breach notification, evidence, recordkeeping).
• Preferably certifications such as Security+, GCIH/GCIA/GCED/eCIH, CISM/CRISC/ISO 27001 LI/LA, CISSP/CEH.
• Excellent communication, coordination and organizational skills, able to work under pressure and influence without authority.
• Advanced English (written and spoken).

If you want to govern and improve how incidents are managed – we’d like to meet you.

What’s in it for you

• Performance Bonuses – based on your results & the company’s;
• Electronic Meal Tickets - as you imagine;
• Medical & Life insurance for you - facilities for your family, too;
• #WFH & Flexible hours;
• Professional GSM subscription;
• Personal GSM subscription, also [because we believe in communication!];
• Special grants on Smartphones & devices; discounts for Orange products & services;
• Development Platforms - Orange Learning, Trainings, Career Counselling, Coaching & Career plan mentoring;
• Wellbeing Programs – we support your Zen;
• & more!

Come & work for a #TopEmployer company. You could be part of an organization where great colleagues and team spirit support your professional development.

Apply and let’s have a remote-talk.

At Orange, you can.

IMPORTANT

In order to be able to follow your application status and receive relevant notifications, make sure to complete your application in our ATS (applicant tracking system), by following the redirection link. Once this step is completed, you will receive a confirmation email from Orange that your application has been successfully registered.

We encourage all candidate profiles, regardless of gender, age, race, citizenship, ethnicity, color, language, religion, social origin, genetic traits, sexual orientation, permanent or temporary disability, nationality, political choice, social category or social origins, situation or family responsibility, belonging to a disadvantaged category, membership or trade union activity.

#LI-LR1

We offer: