Job Title: Senior Information Security Analyst
Mode of work: Hybrid (3days office)
Shift Timings: 12PM to 9PM
SUMMARY OF POSITION AND OBJECTIVES:
As part of the Deception team, you will be at the forefront of proactive cybersecurity defense by designing, deploying and maintaining deceptive technology across Eurofins environment.
You will be responsible for creating realistic traps and lures – including honeypots, honeytokens and decoy systems - to detect threat actors early, observe their behavior and provide high-fidelity alerts to the security operations team. This is a hands-on technical role for someone who enjoys thinking like an attacker, designing smart bait and turning adversaries curiosity into their downfall.
POSITION & OBJECTIVES:
Job Description:
Design and deploy deception assets across Eurofins environment (eg. Honeypots, honeytokens, decoy credentials, fake databases).
Build deception layers tailored to different environments: endpoint, cloud, network, identity, and application layers.
Integrate deception events into the broader detection pipeline (SIEM, SOAR, EDR) to enable rapid alerting and enrichment.
Develop and maintain custom honeypots or tune commercial deception platforms as needed.
Collaborate with threat intelligence and red team teams to simulate attacker behavior and ensure deception realism.
Continuously test and validate deception effectiveness—ensure decoys are believable, well-placed, and invisible to legitimate users.
Monitor and analyze attacker interactions within deceptive environments to extract TTPs and Indicators of Compromise (IOCs).
Assist in post-incident analysis by providing threat behavior insights from deception triggers.
Document deception deployment strategies, playbooks, and incident enrichment data.
Research and evaluate new deception techniques and tools to enhance capability maturity.
Technical Knowledge:
Strong understanding of cyber deception concepts: honeypots, honeytokens, honeycreds, decoy systems, canary files, etc.
Experience with deception frameworks or commercial solutions (e.g., Thinkst Canary, Illusive Networks, Cymmetria, TrapX, Acalvio, OpenCanary).
Solid grasp of network protocols, Windows/Linux internals, and Active Directory.
Experience integrating deception with SIEM platforms (e.g., Splunk, Elastic, QRadar) and SOAR systems.
Familiarity with attacker TTPs, MITRE ATT&CK framework, and threat actor behavior patterns.
Ability to think offensively while building defensive systems (red/purple team experience is a plus).
Scripting skills in Python, PowerShell, or Bash for automation and custom decoy development.
Comfortable working cross-functionally with detection engineers, threat hunters, and incident responders.
Personal Qualities:
Excellent verbal and written communication skills (concise writing and oral convincing);
Eager to learn and continuously develop personal and technical capabilities.
Excellent interpersonal, analytical, detail-oriented, and problem-solving skills.
Proactive personality who can adapt to changing priorities and a keen analytical mindset to investigate cases.
Good team player with ability to work with team spread across the world.
What we offer:
Opportunity to grow in a demanding, fast-growing organization.
Very attractive, multicultural and friendly work environment in fast-growing international company (more than 65 000 employees now)
Possibility to grow and make the next step in your professional career and self-development.
A launch pad into various opportunities – within many business lines of Eurofins globally
A chance to become part of a highly motivated international team of professionals.
QUALIFICATIONS AND EXPERIENCE REQUIRED:
BE/B.Tech/MCA or any other equivalent degree.
4+ years of incremental experience in the areas of Cybersecurity.
BE/B.Tech/MCA or any other equivalent degree.
