Role: Bilingual Security Operations Center (SOC)
Location: Montreal, Qc
Length: 12 months
Type: Hybrid
ROLE
R As a Cyber Analyst, you will be responsible for monitoring, analyzing, and responding to cybersecurity incidents and threats. You will work closely with our Managed Security Service Provider and Cybersecurity Operations team to protect the organization’s information assets, defend against cybersecurity threats and respond to incidents as they occur.
Resource will be supporting the internal audit technology team with their testing of the technology controls.
Responsible for executing the test procedures
RESPONSIBILITIES
The Cybersecurity Operations Analyst is responsible for the following tasks:
Respond to cybersecurity incidents Provider (MSSP),
Monitor alerts from detection platforms and events from various sources, including the XDR platform, Identity Protection tools, and network traffic analysis.
Triage alerts from detection platforms, identifying and resolving false positives while escalating genuine identified attacks.
Analyze and investigate security incidents to determine their impact, scope, and root cause.
Develop and maintain internal incident response playbooks and procedures.
Stay current with the latest cybersecurity threats, trends, and technologies.
Maintain and configure cybersecurity tools and technologies.
Monitor the performance and health of security systems to ensure optimal operation.
Troubleshoot and resolve issues related to cybersecurity technologies.
Implement updates, patches, and upgrades to security tools and systems.
Collaborate with other IT teams to integrate and optimize security technologies.
Occasionally, may provide support to Identity and Access Management (IAM) personnel by assisting with tasks like reviewing, granting user permissions and ensuring adherence to the Access Control Standard.
QUALIFICATIONS
Tier 1: Critical Technical Skills
These are the most important skills and capabilities for effectively performing the core duties of a Cybersecurity Operations Analyst.
- Understanding of cybersecurity principles, threats, and vulnerabilities.
- Experience monitoring security information and event management (SIEM) systems & tools and cross-referencing indicators with threat intelligence feeds including open source (such as virus total, hybrid analysis, etc.).
- Experience with monitoring networks, detecting threats, and responding to incidents.
- Familiarity with common attack vectors such as phishing, malware, business email compromise and ransomware.
- Proficiency in triaging and remediating security events.
- Strong analytical and troubleshooting skills.
- Experience with network and security technologies, such as firewalls, IDS/IPS, mail and web hygiene platforms and, endpoint security.
Tier 2: Supporting Technical Competencies
These enhance the Cybersecurity Operations Analyst's ability to improve processes, tools, and strategic capabilities.
- Experience configuring and utilizing vulnerability assessment technologies.
- Experience analyzing the current threat landscape and attack vectors.
- Demonstrated ability in contribution to the implementation of detection technologies.
Tier 3: Analytical and Problem-Solving Skills
These skills are critical for success but are built upon the technical foundation
.
- Strong problem-solving, critical thinking, and troubleshooting skills.
- Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one.
Tier 4: Collaboration and Communication
These skills enable Cybersecurity Operations Analyst to effectively work within a team and communicate findings.
- Ability to establish and maintain effective working relationships with others.
- Experience with report writing, investigational techniques, and communicating to large audiences.
- An ability to effectively influence others to modify their opinions, plans, or behaviors.
- An understanding of organizational mission, values, goals, and consistent application of this knowledge.