IT Security Analyst (intermediate)

Job ID
989
Location
Montreal downtown
Role and Responsibilities
IT Unlock’s mission is to improve our client's current IT condition. We are looking for a talented IT Security Analyst. This is a permanent position. The work is done remotely until further instruction from the government, and the candidate must live in Montreal. Great technologies and a nice challenge are waiting for you.

Missions

 

Management of IT infrastructures security events / incidents

  • Monitoring of IT security events; specifically alerts triggered by the RSA Analytics / NetWitness SIEM (e.g. alerts in the following areas: IDS; AV - virus infections, intrusions);
  • Events / alerts analysis in order to identify false and true positives (e.g. in the case of IDS alert, is it a real attack attempt?);
  • Design and implementation of IT infrastructures security incidents operational procedures (i.e. how to manage IDS, AV alerts; how to perform investigations using RSA; etc…)
  • Produce weekly and monthly dashboards on the SOC IT security / incidents activity; e.g. KRIs on IDS and AV alerts.

 

Management of SOC tools; specifically the SIEM platform (RSA Security Analytics and NetWitness)

  • Daily management and monitoring of the platform (e.g. to ensure that security events are collected and processed properly);
  • Development / customization / maintenance of correlation rules;
  • Managing IDS, AV policy, EDR policy.


Profile

 

COMPETENCIES

 

Required:

  • Experience in the management of IT infrastructures security events / incidents
  • IS Security (knowledge of IT security principles, best practices, tools that are used in securing IT resources) and related risks
  • Good MS Office (Word, PowerPoint, Visio, Excel) skills;
  • Client Focus
  • Teamwork
  • Analytical thinking
  • Willing to learn
  • Ability to communicate clearly with technical teams and with non-technical stakeholders.

 

Desired:

  • Previous experience as SOC analyst.
  • Knowledge of application architecture
  • Development/Scripting skills (e.g. PowerShell and/or Python)

 

TECHNICAL SKILLS

 

Required:

  • Knowledge of SIEM products (e.g. RSA Analytics and RSA NetWitness)
  • Knowledge of network security products (SourceFire IDS/IPS; Cisco, Firewall, Proxies, ...)
  • Good knowledge of network basics (OSI, NAT, …)
  • Knowledge of network packets analysis (Wireshark, TcpDump, …) 

PRIOR WORK EXPERIENCE

 

Required

  • 2/5+ years in IT infrastructures security ideally in a SOC; specifically in the management of IT infrastructures security events / incidents and the management of SIEM platforms (preferably in a SOC team)

  

Languages: English / French

 

EDUCATION

Required:

  • Bachelor's degree in IT
  • Strong interest in Information Security or Information Technology

 

Desired

  • Specialization in Information Systems Security


Skillset
Required:
- 2-5+ years in IT infrastructures security ideally in a SOC; specifically in the management of IT infrastructures security events / incidents and the management of SIEM platforms (preferably in a SOC team)
- SIEM products (e.g. RSA Analytics and RSA NetWitness)
- SourceFire IDS/IPS; Cisco, Firewall, Proxies or equivalent
- OSI, NAT, ...
- Wireshark, TcpDump, …
- English
Number of positions
1
Work Experience
At least 2 years