Saturday , November 23 2024
Breaking News

Security Analyst (Intermediate) SIEM – C.G.I.

C.G.I.

Title of the Job: Security Analyst (Intermediate) SIEM

Location: Montreal, QC

Job Description: Day-to-Day Responsibilities:
Security Event Management and Monitoring:

  • Incident Analysis: Proactively monitor and analyze security events triggered by SIEM systems, identifying and escalating true positives while mitigating false alarms.
  • Threat Intelligence: Leverage contextual and threat intelligence to assess the severity of incidents and guide response efforts.
  • Investigation Documentation: Maintain detailed records of investigation steps and escalate incidents as needed.
  • Detection Enhancement: Recommend improved detection mechanisms for potential exploits and intrusions.
  • Operational Support: Execute established procedures to address and contain security incidents.

Security Operations Procedures:

  • Procedure Development: Design and implement operational procedures for managing security events, such as IDS, AV alerts, and SIEM investigations.
  • Reporting: Generate weekly and monthly reports on SOC activity, including key performance indicators (KPIs) related to IDS and AV alerts.

SOC Tool Management:

  • Rule Development: Create, customize, and maintain correlation rules for SIEM systems.
  • Policy Management: Manage policies for IDS, AV, EDR, and deceptive solutions.
  • Collaboration: Engage with internal and external stakeholders to share information and improve processes.
  • Automation: Identify opportunities to automate processes and develop solutions.

ProfileRequired Competencies:

  • Proven experience in managing IT infrastructure security events and incidents.
  • Strong understanding of TCP/IP fundamentals, network and OS-level exploits, and IT security principles, best practices, and tools.
  • Excellent oral and written communication skills.
  • Client-focused approach, teamwork skills, analytical thinking, and a willingness to learn.
  • Ability to communicate effectively with technical and non-technical stakeholders.
  • Adherence to security best practices and SOC processes.
  • Ability to work independently and under pressure.

Desired Competencies:

  • Previous experience as a SOC analyst.
  • Proficiency with Splunk.
  • Development and scripting skills (e.g., PowerShell, Python).

Technical Skills:

  • Knowledge of SIEM products (e.g., Splunk, Microsoft Sentinel).
  • Familiarity with SOAR/SIRP solutions.
  • Understanding of network security products (e.g., SourceFire IDS/IPS, Cisco Firewall, Proxies).
  • Strong knowledge of network basics (OSI, NAT).
  • Experience with network packet analysis (Wireshark, TcpDump).
  • Cloud monitoring experience (advantageous).

Prior Work Experience:

  • Minimum of 2-5 years of experience in IT infrastructure security, preferably in a SOC environment, with a focus on security event management and SIEM platforms.

Education:

  • Bachelor’s degree in computer science, IT, or information systems.
  • Strong interest in information security or information technology.
  • Specialization in information systems security (preferred).

Languages:

  • Fluency in French and English is required, with a strong emphasis on English for effective collaboration with colleagues and partners in the United States.

Company Name: C.G.I.

Salary: $80000 per year


Apply for the job!

To apply for this job please visit jobviewtrack.com.