Cybersecurity Analyst - Canada - Prime Import Export
2 weeks ago
Description
Tasks:
- Performing forensic-driven threat hunting activities to discover advanced attacks, including identifying threat actor groups and TTPs using static and dynamic analysis.
- Analyzing, triaging, and investigating security events across multiple platforms and using network, endpoint, and cloud telemetry.
- Managing complex security incident investigations end-to-end, including validation, escalation, and containment.
- Performing digital forensics on impacted assets including but not limited to server(s), endpoint(s) and virtualized systems.
- Drafting analysis / forensic report(s).
- Developing new use cases and playbooks.
- Conducting quality reviews of investigations to identify areas for improvement.
- Supporting the development of detection rules and mechanisms.
- Developing key service reports and deliverables including threat advisories, flash briefs, RFIs and monthly reports.
- Overseeing maintenance of system tickets and alerts.
- Handling security incident escalations from Level II analysts.
- Supporting the development of other team members through knowledge sharing and collaboration.
- Maintaining current knowledge of InfoSec threats, vulnerabilities and TTPs.
Qualifications required:
- 5+ years of recent security operations experience (SOC, Incident Response, Digital Forensics, Malware Analysis, IDS/IPS Analysis, Cyber threat hunting).
- Proven technical knowledge and experience working with SIEM, EDR and XDR solutions including Splunk, Kibana, Sumo Logic, Defender, Carbon Black, CrowdStrike or similar.
- Proven technical knowledge and experience working with Computer Forensics solutions including EnCase, Axiom, Autopsy, DFF, FTK or similar.
- Proven technical knowledge of common threat analysis models such as the Diamond Model, Cyber Kill Chain and MITRE ATT&CK, and experience using them to track, investigate or simulate attacks.
- Professional certifications such as OSCP, GIAC / SANS 500+ (GCIH, GPEN, GXPN, GCFE, GCFA etc.) or other defensive and offensive technical certifications are considered an asset.
- Ability and willingness to obtain a Security Clearance.
Conditions:
- Permanent position;
- Full package benefits;
- Competitive salary.
Job type:
Full-time
Salary:
,00$ to ,00$ per year
Work location:
In person