About Our Company
WELAN is a cybersecurity consulting firm that supports businesses of all sizes in protecting themselves against increasing digital threats.
Our team consists of experts, but not only that. We strive to create an environment conducive to learning and professional development, allowing less experienced team members to progress towards the expected level of expertise through learning projects and a mentoring program.
Despite our different levels of experience, we all share two things: a passion for cybersecurity and a commitment to learning.
Our Expertise
So, why work with us? Our team possesses extensive experience and deep technical expertise in cybersecurity across the following 5 pillars:
Offensive cybersecurity, which involves assessing or identifying weaknesses within a company through penetration testing, technical audits, configuration audits, or code audits.
Defensive cybersecurity, where we assist clients in defining defense strategies or security roadmaps, integrating defense tools, or addressing vulnerabilities. Within this realm, we have developed a specialization in Active Directory security projects.
Detection, where we audit security incident detection providers (e.g., SOC), define data collection and analysis strategies, and integrate detection and analysis tools (e.g., SIEM).
Incident response, which unfortunately comes into play when a client’s security measures have not effectively protected them. Here, we conduct forensic analysis of incidents to determine attack vectors, actions taken by attackers, installed backdoors, and compromised or stolen data. Following analysis, we formulate corrective and preventative measures to implement.
Compliance, enabling our clients to sustain their security levels, mature in their security practices, and demonstrate their security posture to prospects, clients, or private and public entities. In this capacity, we serve as auditors or advisors on frameworks such as SecNumCloud, PDIS, PRIS, PCI DSS, SOC2, or ISO 27001.
As recognition of our expertise, some of our consultants have been qualified by ANSSI as SecNumCloud, PDIS, and PRIS auditors. They collaborate with service provider evaluation centers during audits to qualify for the aforementioned frameworks.
Job Description
The CTI&CTH service at WELAN aims to provide a consolidated view of threats, techniques, and methods employed by attackers. This activity involves:
- Information gathering (from open or semi-open sources)
- Extraction and analysis of indicators
- Consolidation of collected information
- Distribution to WELAN’s clients
- Tracing compromise indicators
- Integration of indicators into defense tools (proactive defense)
The development of analysis tools and scripts will be done in close collaboration with intrusion and incident response experts.
Profile Description
We are looking for a candidate with a specialized background in cybersecurity, demonstrating a comprehensive understanding of cybersecurity concepts and cyber attacks.
The ideal candidate should be technically oriented, naturally curious, and eager to deepen their knowledge in the field of cybersecurity.
Practical mastery of scripting languages such as Python, Bash, or PowerShell is required.
They must be capable of working independently while also possessing strong teamwork skills in a dynamic environment.
The candidate should have project-based work experience, both nationally and internationally. They should take on responsibilities, identify issues, and propose solutions. Adaptability in communication with various stakeholders is crucial.
Additionally, excellent written and verbal communication skills in both French and English are essential.