The Security Analyst is part of a team that manages the IT security of clients to reduce the impact of security incidents and system compromises. This team ensures security monitoring, investigation and analysis of events, as well as countermeasures proposals.
- Start date: As soon as possible
- Work schedule: Full time – 40 hours
- Job status: Permanent
- Shift: Day
- Salary: Competitive compensation
DUTIES AND RESPONSIBILITIES
Event detection – Following an established and documented process, including but not limited to:
- Reception of security alerts from monitored devices and associated technology.
- Opening of new cases or updating of existing cases in order to monitor the management of events.
- Event filtering – Follow the established process for identifying events that require filtering. Document and assign event filtering requests in tickets.
- Event escalation – Follow an established process to deliver event investigation data to the appropriate point of contact, whether that point of contact is an external customer or an internal resource. Report recurring issues and issues discovered in the course of your duties.
- Event closure – Follow the established process to ensure resolution criteria are met before closing tickets.
- Manual health checks – Follow established and approved processes to perform scheduled health checks on applicable devices.
QUALIFICATIONS & REQUIREMENTS
- Experience with Windows, Linux, iOS, Android operating systems.
- Experience in cybersecurity or networking.
- Experience in security operations center / IT incident response center.
- Knowledge of SIEM, FortiSIEM and Azure Sentinel systems is an asset.
- Understanding of basic security concepts: principle of least access, compartmentalisation, etc.
- Analytical and process-oriented, with experience in collaborative decision making.
- Good knowledge of Active Directory and Azure services.
- Ability to pay attention to what people are saying and use logic and reasoning to identify the strengths and weaknesses of solutions and alternatives.
- Ability to quickly identify complex problems and review related information, in order to develop and evaluate options for implementing solutions.
- Customer-service oriented.
- Excellent stress management.
- Opportunity to pursue cybersecurity certifications.
- 2 years in SIEM security center operation or other related experience.
- CompTIA Security+
- Fortinet NSE5 (FortiSIEM and FortiEDR tracks)
- Cloud-native security operations with Azure Sentinel
- Bilingual (French and English) oral and written.