Get introduced to vetted companies that are still hiring

You will own the rules, processes, oversight and reporting for how security incidents are managed across the organization and provide assurance to management that incidents are handled consistent with policies, risk appetite and regulations.

What you’ll be doing

Design, maintain and improve the Security Incident Management framework (procedures, RACI, communication flows).
Develop and update incident response playbooks (phishing, malware, data leakage, privilege abuse, etc.).
Oversee, from a governance perspective, how SOC/CERT, IT and providers detect, triage, escalate and close incidents.
Review and challenge severity, impact and classification of incidents.
Define and track KPIs & dashboards (SLA compliance, business impact, etc.).
Lead post‑incident reviews, follow up on corrective and preventive actions.
Ensure alignment with risk management, ISMS, BCM, and regulatory requirements (ISO 27001, NIST, PCI DSS, data protection).
Act as central point of contact on incident governance for InfoSec, SOC/CERT, IT, business units and external providers.
Coordinate exercises and simulations and maintain a threat & incident landscape view for management.

What you need to know/have

Bachelor’s degree in Computer Science, Information Security, Engineering or similar.
3–5+ years in information security (SOC/CERT/IR, GRC, IT risk or IT audit).
Strong knowledge of security standards and incident response (ISO 27001/27035/27005, PCI DSS).
Familiarity with SIEM, DLP, IDS/IPS, EDR, AV, vulnerability scanners to challenge use cases and understand reports.
Experience in process design, documentation, improvement, and KPI‑based reporting.
Understanding of legal and regulatory aspects of incidents (breach notification, evidence, recordkeeping).
Preferably certifications such as Security+, GCIH/GCIA/GCED/eCIH, CISM/CRISC/ISO 27001 LI/LA, CISSP/CEH.
Excellent communication, coordination and organizational skills, able to work under pressure and influence without authority.
Advanced English (written and spoken).

If you want to govern and improve how incidents are managed – we’d like to meet you.

What’s in it for you

Performance Bonuses – based on your results & the company’s;
Electronic Meal Tickets - as you imagine;
Medical & Life insurance for you - facilities for your family, too;
#WFH & Flexible hours;
Professional GSM subscription;
Personal GSM subscription, also [because we believe in communication!];
Special grants on Smartphones & devices; discounts for Orange products & services;
Development Platforms - Orange Learning, Trainings, Career Counselling, Coaching & Career plan mentoring;
Wellbeing Programs – we support your Zen;
& more!

Come & work for a #TopEmployer company. You could be part of an organization where great colleagues and team spirit support your professional development.

Apply and let’s have a remote-talk.

At Orange, you can.

We encourage all candidate profiles, regardless of gender, age, race, citizenship, ethnicity, color, language, religion, social origin, genetic traits, sexual orientation, permanent or temporary disability, nationality, political choice, social category or social origins, situation or family responsibility, belonging to a disadvantaged category, membership or trade union activity.

#LI-LR1

Chez Orange, seules vos compétences comptent.

Quel que soit votre âge, genre, origine, parcours, religion, orientation sexuelle, handicap, neuroatypie, ou apparence, nous encourageons activement la diversité au sein de nos équipes, car elle constitue une force pour le collectif et un vecteur d’innovation. Orange est une entreprise handi-accueillante : n’hésitez pas à nous faire part de vos besoins spécifiques.

See more open positions at Orange

Privacy policy Cookie policy

Getro.org is a community-driven initiative to ease the impact of COVID-19 by connecting tech professionals and hiring companies. It's free for job seekers and companies, and curated by a growing list of referral partners.