Role: SOC N1 Security Analyst
Location: Toronto, ON
The candidate must be fluent in French
Job Description:
The SOC N1 Security Analyst is responsible for protecting client infrastructures from cyberattacks. To do this, they will need to detect, qualify, and respond to security events.
Main Responsibilities:
Alert Management:
- Monitor security incidents;
- Conduct in-depth analysis of incidents, classify them according to procedures, and determine whether they pose a real threat;
- Handle or escalate alerts according to procedures;
- Create tickets in the dedicated platform (ConnectWise);
- Follow up on assigned alerts;
- Produce documentation related to incidents and their handling;
- Communicate with clients as needed;
- Monitor our clients' infrastructures to detect threats ("health check").
Client Relationship:
- Maintain the relationship with the client. Communicate and collaborate with clients to share information on incidents or events (when critical).
Training:
- Participate in the onboarding process;
- Participate in team training;
- Stay informed about technological developments (training, reading) and sector news.
Leadership:
- Propose improvements that can be made to the SOC;
- Follow SOC procedures.
Security:
- Ensure the protection of client data;
- Follow the company's and clients' data security guidelines;
- Report incidents and anomalies affecting ESI operations to the internal security team.
Additional Information about the Position:
- Use existing tools and provide feedback to levels 2 and 3 for continuous improvement.
Desired Profile:
- Completed education in computer science;
- Operating systems (Linux, Windows, macOS (optional));
- Network protocols (TCP, UDP, IP, ICMP, L7 protocols);
- Basic knowledge of SIEM technologies;
- Best practices in network architecture and basic understanding of network devices;
- Basic knowledge of asset management;
- Security threats and attack countermeasures;
- Knowledge of and hands-on experience with QRadar;
- Ability to find relevant information on global threats;
- Ability to conclude an incident analysis, or escalate it, within 20-40 minutes;
- Ability to apply lessons from a previous escalation when handling a similar incident;
- Have or be preparing one of the following certifications:
  - CompTIA CySA+;
  - CCNA;
  - QRadar SOC Analyst;
  - EDR solutions (CrowdStrike, SentinelOne);
  - EC-Council SOC Analyst.
- Very good level of English, both written and spoken;
- Good time and priority management;
- Good written and verbal communication;
- Good teamwork and collaboration skills;
- Good sense of urgency;
- Rigor.