The Cybersecurity Analyst represents the front end for security incident handling and is key to delivering best in class resolutions for our customers and their assets.
The incumbent will demonstrate confident and appropriate communication skills, both verbally and electronically. They can provide mitigation actions under pressure, reducing business impact and protecting customers' services.
All CVs must be received in English.
What You'll Do
Perform Tier 1 and Tier 2 Security Operations Center activities such as monitoring, triaging, investigating, and responding to suspicious activity across all company assets.
Responsible for the containment and recovery of security incidents, crafting and deploying mitigation and eradication strategies.
Perform analysis of events coming from security platforms such as SIEM, IPS/IDS, EDR, antivirus, firewalls, etc.
Help stakeholders to determine the best course of action to remedy the problem.
Assist with root cause analysis of security issues and documentation of lessons learned.
Collaborate with the platform team in identifying use cases that leverage existing tools to enable automation and improve detection.
Help identify improvements in technology, processes, and techniques to enhance security event detection and response capabilities.
Interface with internal platform teams and assist with general IT security as required.
Provide remote assistance on security matters using the various web-based remote support tools when necessary.
Receive and respond to security tickets escalated by the Service Desk under the information security umbrella and handle them in a timely manner.
Provide ticket updates and feedback throughout the life of the support incident.
Perform analysis of security threats and network issues.
Escalate high-profile issues in a timely manner using a well-defined process for appropriate handling and resolution.
Craft and deploy mitigation and eradication strategies for network and security incidents.
Who You Are
4-5 years of previous support experience working in a technology/systems department directly supporting customers.
Current industry relevant certifications (Microsoft, Cisco, LPI, VMware, Citrix, CompTIA, EXIN, ISACA, ISC2, Offensive Security, etc.) would be an asset.
Excellent understanding of IT fundamentals across the networking, system, and application layers, including knowledge of hardware, software, networks, and data centers.
Good knowledge of common client-side productivity application suites (Microsoft Office Suite, Outlook/Exchange environments, Office 365, etc.).
Strong working knowledge of server-side applications, technologies, and communication models, namely mail servers, proxies, DNS, virtualization, VPN, firewalls, the OSI model, DMZ, honeypots, directory services, and WSUS.
Good knowledge of public cloud solutions (Azure, AWS, Google Cloud).
Strong understanding of the incident response lifecycle at both the technical and procedural level.
Experience performing incident response on alerts from SIEM platforms would be an asset.
Familiarity with SecDevOps; knowledge of scripting and automation (PowerShell, shell scripting, Python, etc.) is desired.
Understanding of the vulnerability management process, with practical knowledge of vulnerability testing and the ability to define mitigation actions.
Fluent in English.
Good interpersonal, communication, and collaboration skills.
Organizational and planning skills.
Multitasking, prioritization, and critical thinking skills.
Willingness to learn new skills (including through self-learning) and to be highly self-motivated.