Re:Sources is the backbone of Publicis Groupe, the world’s third-largest communications group. Formed in 1998 as a small team to service a few Publicis Groupe firms, Re:Sources has grown to 4,000+ people servicing a global network of prestigious advertising, public relations, media, healthcare and digital marketing agencies. We provide technology solutions and business services including finance, accounting, legal, benefits, procurement, tax, real estate, treasury and risk management to help Publicis Groupe agencies do what they do best: create and innovate for their clients. In addition to providing essential, everyday services to our agencies, Re:Sources develops and implements platforms, applications and tools to enhance productivity, encourage collaboration and enable professional and personal development. We continually transform to keep pace with our ever-changing communications industry and thrive on a spirit of innovation felt around the globe. With our support, Publicis Groupe agencies continue to create and deliver award-winning campaigns for their clients.
Overview
The Senior Associate, Information Security - Forensics is part of a global team and is responsible for responding to cybersecurity incidents involving our businesses, clients, and vendors. The role is hands-on technical and owns incident containment, remediation, and closure. This individual will work closely with the legal, data privacy, business, and client teams and should be comfortable interacting with senior executives, including C-level staff.
Responsibilities
Incident Leadership
- Serve as the Incident Commander, leading the full lifecycle of cybersecurity incident investigations and response efforts.
- Coordinate cross-functional communication during high-severity incidents, ensuring rapid containment and clarity across teams.
- Present concise, accurate written and oral reports to executive and operational leadership.
Forensic Analysis & Investigation
- Analyze compromised or potentially compromised systems using advanced forensic tools and methodologies.
- Conduct complex forensic investigations into system breaches, data leaks, and architectural weaknesses.
- Coordinate evidence and data collection to ensure thorough and reliable incident documentation.
Reporting & Documentation
- Prepare detailed security incident reports that transform technical findings into actionable insights for decision-makers.
- Document investigation steps, timelines, technical observations, and remediation impacts with precision and clarity.
Threat Intelligence & Continuous Learning
- Maintain current knowledge of attacker TTPs, advanced persistent threats, emerging tools, and incident response best practices.
- Apply threat intelligence insights to strengthen investigative techniques and enhance incident detection capabilities.
Technical Guidance & Support
- Provide expert technical guidance to teams on incident monitoring, triage, response workflows, threat and vulnerability management, and security analysis.
- Mentor team members and support growth in incident response competencies across the organization.
Process Optimization & Strategic Direction
- Identify and drive opportunities to improve incident management efficiency and response workflows at scale.
- Champion the integration of automation and AI-driven tools to accelerate detection, triage, and resolution.
- Contribute to the long-term strategic direction of the company’s cybersecurity and incident response programs.
Qualifications
- EDR experience (CrowdStrike and/or SentinelOne), including investigating and analyzing malware and other malicious activity.
- Experience with forensic tools such as FTK, EnCase, and Autopsy to collect and analyze file system artifacts, process history, and application artifacts, plus memory collection and analysis, on physical and cloud systems (Windows, macOS, Linux).
- 4 or more years of experience in an analytical role such as forensic analyst (Linux, Windows, or macOS), threat analyst, incident responder, SOC analyst, or security engineer/consultant.
- Experience with cloud environments such as Azure, AWS, and GCP, including how to collect and analyze logs from sources such as GuardDuty, Microsoft Defender, and CloudTrail.
- Familiarity with the MITRE ATT&CK or related frameworks.
- Experience developing and managing incident response programs, with a focus on improving efficiency through AI-driven tooling.
- Strong communication skills, with the confidence to lead incident response calls with different stakeholders and follow up with detailed incident reports.
- Strong understanding of social engineering, phishing, and related fraud schemes, and how to investigate them.
- Strong general knowledge of security concepts and expertise in network and web application security issues.
- Experience using a scripting language such as Python, Bash, or PowerShell in an incident handling environment.