Senior Security Analyst
The Security Analyst is part of a team that manages the IT security of clients to reduce the impact of security incidents and system compromises. This team ensures security monitoring, investigation and analysis of events, as well countermeasures proposals..
- Flexible schedule and “work/family” balance
- Hybrid teleworking
- Stimulating and pleasant work environment
- Hairdresser service at the office
- A chef for us on Fridays!
- Arcade (pinball, Street Fighter, etc…)
- Lounge, terrace, bar
- Performance bonuses
- Group insurance
- Employee referral bonuses
- An active social club
- Start date : As soon as possible
- Work schedule: Full time – 40 hours
- Job status: Permanent
- Shift: Day
- Salary: Competitive compensation
DUTIES AND RESPONSIBILITIES
Event detection – Following an established and documented process but not limited to:
- Reception of security alerts from monitored devices and associated technology.
- Opening of new cases or updating of existing cases in order to follow monitor the management of events.
- Event filtering – Follow the established process for identifying events that require filtering. Document and assign event filtering requests in tickets.
- Event investigation – Follow an established process for collecting relevant data and performing the necessary level of analysis on that data.
- Event escalation – Follow an established process to deliver event investigation data to the appropriate point of contact, whether that point of contact is an external customer or an internal resource. Report recurring issues and issues discovered in the course of your duties.
- Support security analysts to respond to escalated requests.
- Event closure – Follow the established process to ensure resolution criteria are met before closing tickets.
- Manual health checks – Follow established and approved processes to perform scheduled health checks on applicable devices.
QUALIFICATIONS & REQUIREMENTS
- Experience with Windows, Linux, iOS, Android operating systems.
- Advanced experience in cybersecurity or networking.
- Experience in security operations center / IT incident response center.
- Knowledge of SIEM, FortiSIEM and Azure Sentinel systems is an asset.
- Experience with tools to perform port scans, network scans and vulnerability scans.
- Experience with tools used for penetration testing, example tools for malware creation / deployment, network traffic sniffers, session hijacking, denial of service and SQL injection.
- Understanding of basic security concepts: principle of least access, compartmentalisation, etc.
- Analytical and process oriented, with experience in collaborative decision making.
- Good knowledge of Active Directory and Azure services.
- Ability to pay attention to what people are saying and use logic and reasoning to identify the strengths and weaknesses of solutions and alternatives.
- Ability to quickly identify complex problems and review related information, in order to develop and evaluate options for implementing solutions.
- Customer service oriented.
- Excellent stress management.
- Possibility of doing cybersecurity certifications.
- 3 years in networking or cybersecurity.
- 2 years in SIEM security center operation.
- Having already deployed a SIEM is an asset.
- CompTIA Security +
- Fortinet NSE5, FortiSIEM and FortiEDR aspects
- Cloud-native security operations with Azure Sentinel
- Certified Ethical Hacker
- Bilingual (French and English) oral and written.