Description
IMPORTANT
TOP 3 Skills:
Content development/SIEM skills (ArcSight, ELK, Elastalert)
Scripting language (such as Python or PowerShell)
Analysis of security events and cyber threats from the SIEM platform
UNILINGUAL - English OK.
Candidates from Montreal, Toronto or Ottawa OK
Supervise the implementation and the development of new technologies and new services, analysis of operational impacts and network management processes, training and management platforms plans
Analyze the effectiveness of the service and operational security processes and propose necessary adjustments
Develop complex documentation to allow trend analysis, design solutions and operating guides or various deliverables
Develop detection rules (SIEM), monitoring dashboards and playbooks to identify legitimate threats, suspicious/anomalous activity, offensive tools and malware indicators
Participate in the deployment of the security software update mechanism and security package across multiple business units
Support business units during deployments of the security software update mechanism or security package
Establish policies and guidelines for software deployments in varied environments
Develop comprehensive and accurate oral and written reports, documentation and presentations for both technical and executive audiences
Effectively communicate and collaborate with all teams, within the Security Operation Center (SOC) or outside the SOC
Essential Qualifications:
University or college degree in Computer Science/Engineering or 5 to 10 years of equivalent experience in the cyber security domain.
Proven experience in design, implementation and troubleshooting of solutions related to the security domain.
Good understanding of network security platforms, OS security features and application protection systems.
Good understanding of Security Information and Events Management (SIEM) concepts.
Experience in the analysis of security events and cyber threats from the SIEM platform.
Knowledge of Windows & Linux systems.
Good knowledge of a scripting language (such as Python or PowerShell).
Excellent spoken and written communication skills.
Preferred Qualifications:
Professional security certification such as CCNP Security, CISSP, CCSE, GIAC certification, SIEM certification.
Working experience with Agile, Continuous Improvement and Lean.
Experience or knowledge of threat hunting and/or malware analysis.
Understanding of the incident response process, risk assessment methodology and computer forensics.
Experience with security technologies such as SIEM, AV, firewall, etc.
Solid knowledge of security and networking fundamentals.
Hands-on experience with packet dissection, software reverse-engineering and offensive techniques.
Participation in various security- or computer-related events, such as conferences and CTF competitions.
Software engineering or data engineering experience.
Experience with machine learning and artificial intelligence.
A few side projects to demonstrate understanding and interest.