Security Incident Manager

Orange Business is here!

About us

Join us at Orange Business!

We are a network and digital integrator that understands the entire value chain of the digital world, freeing our customers to focus on the strategic initiatives that shape their business.

Every day, you will collaborate with a team dedicated to providing consistent, sustainable global solutions, no matter where our customers operate. With over 30,000 employees across Asia, the Americas, Africa, and Europe, we offer a dynamic environment to develop and perfect your skills in a field filled with exciting challenges and opportunities.

About the role

As a Junior SOC Engineer L1.5, you will act as the first technical layer supporting security operations by performing initial investigation, triage, enrichment, and coordination of security incidents. You will work closely with SOC analysts, incident managers, and technical experts to ensure fast and effective handling of alerts, incidents, and operational requests. The role is designed to strengthen end-to-end ownership, improve response efficiency, and support high service quality for our customers.

Key responsibilities include monitoring and assessing security events, validating alerts, performing first technical analysis, collecting relevant evidence, enriching tickets with clear findings, and ensuring proper escalation to the right resolver teams when needed. You will also support incident communication, follow defined runbooks and processes, contribute to service improvement, and help maintain strong SLA performance and operational discipline.

About you

ou are motivated to build a career in cybersecurity operations and have a strong interest in security monitoring, incident handling, and technical investigation. You are analytical, structured, and able to work calmly under pressure while managing multiple tasks. You have good communication skills, a strong sense of ownership, and a willingness to learn from real operational cases in a fast-paced SOC environment.

You should have a basic understanding of networking, security concepts, and incident management fundamentals. Familiarity with tools such as SIEM platforms, ticketing systems, EDR, firewalls, or monitoring platforms is a plus. Knowledge of TCP/IP, DNS, VPN, Windows/Linux basics, and common cybersecurity threats will be valuable in this role. Relevant internships, certifications, or academic background in cybersecurity, computer science, networks, or related fields are an advantage.

If you want it stronger and more professional for posting, use this version:

You bring passion, energy, taste for exploration and adaptability. You seek the opportunity to expand your knowledge and develop new skills.

What we offer

• Global Opportunities: Work in multi-national teams with opportunity to collaborate with colleagues and customers from all over the world.• Flexible Work Environment: Flexible working hours and possibility to combine work from office and home (hybrid ways of working).• Professional Development: training programs and upskilling/re-skilling opportunities.• Career Growth: Internal growth and mobility opportunities within Orange.• Caring and Daring Culture: Health and well-being programs and benefits, diversity & inclusion initiatives, CSR and employee connect events.• Reward Programs: Employee Referral Program, Change Maker Awards.

Only your skills matter

Regardless of your age, gender identity, race, ethnic origin, religion/belief, sexual orientation, marital status, neuroatypia, disability, veteran status or appearance, we encourage diversity within our teams because it is a strength for the collective and a vector of innovation. Orange Group is a disabled-friendly company and equal opportunity employer: don't hesitate to tell us about your specific needs.

Responsibilities

As a Junior SOC Engineer L1.5, you will act as the first technical layer supporting security operations by performing initial investigation, triage, enrichment, and coordination of security incidents. You will work closely with SOC analysts, incident managers, and technical experts to ensure fast and effective handling of alerts, incidents, and operational requests. The role is designed to strengthen end-to-end ownership, improve response efficiency, and support high service quality for our customers.
Key responsibilities include monitoring and assessing security events, validating alerts, performing first technical analysis, collecting relevant evidence, enriching tickets with clear findings, and ensuring proper escalation to the right resolver teams when needed. You will also support incident communication, follow defined runbooks and processes, contribute to service improvement, and help maintain strong SLA performance and operational discipline.