Summary of the role:
Information security analysts play a key role in protecting our customers from cyberattacks, as they are the first to see security alerts and the first to respond to cybersecurity incidents. Their main role is to filter out the false positive alerts generated by the security controls (through the associated correlation rules), to create a security incident whenever a security alert is detected as a true positive, and to investigate the root cause of that security incident when possible.
Working in a Managed Security Service Provider (MSSP), our information security analysts see alerts coming from many different security controls, from a very diverse set of customers in multiple geographic regions. This is an ideal environment for those who are passionate about cybersecurity, have a thirst for knowledge and want to ramp up or advance their cybersecurity skills in a challenging environment. Keeping the bad guys out is what motivates us!
Information security analysts need to be detail oriented because they are responsible for monitoring many aspects simultaneously. They need to watch the protected network and respond to threats and events from a variety of sources. Our information security analysts work from two offices, one in Canada and one in Switzerland, ensuring full 24x7 coverage.
- Continuous monitoring of the alerts coming from our customers on a centralized SIEM.
- Review and triage the alerts produced by a diverse set of security controls.
- Open and track incidents for highly probable true positive alerts in accordance with the escalation grid of each customer.
- Investigate security incidents to propose or apply remediation actions, assess the scope of the attack and the affected systems, and collect data for further analysis.
- Scan for vulnerabilities on the infrastructure of clients using our vulnerability detection system.
- Recommend solutions that would improve the security posture of our customers.
- Answer and respond to customer calls related to security incidents.
- Fine-tune the correlation rules with our information security specialists to reduce the number of false positive alerts on the console.
- Support incident response and malware analysis in customers' environments.
- College degree or professional diploma in cybersecurity, or equivalent experience
- Excellent technical knowledge related to network security
- Excellent knowledge of the entire TCP/IP protocol stack and cryptography protocols
- Excellent knowledge of firewall and intrusion detection/prevention protocols
- Experience with SIEM (Security Information and Event Management)
- Experience with Linux shell commands (grep, cat, etc.)
- Experience with Windows, Linux, network, web, firewall and DNS administration
- Experience with network protocol collection and packet analysis tools
- Experience working in a SOC (an asset)
- Good communication skills in English and French (Spanish is an asset)
- Absolute integrity and focus on security at all times
- Ability to thrive on high ops tempo and high-stress environments
- Strong analysis, organizational and documentation skills
- Sense of urgency, resourcefulness and initiative
- Ability to provide on-the-job training and knowledge sharing to other analysts
- Self-initiative with strong time management
- Availability for working in a team-oriented environment during work shifts
- Thorough in-house, expert training on cutting-edge technology
- Dynamic work environment in a new and modern office
- Employee Referral Bonus
- Group insurance plan
- Team spirit and dedication to service excellence
- Sense of belonging to a global, brand-name organization