Cyber Security Specialist

Location: Canada_Remote, Canada

Dans des marchés en rapide évolution, les clients à travers le monde font confiance à Thales. Thales est une entreprise où les personnes les plus brillantes du monde entier se regroupent pour mettre en commun leurs idées et ainsi s'inspirer mutuellement. Dans tous les secteurs où œuvre Thales, notamment l’aérospatiale, le transport, la défense, la sécurité et l'espace, nos équipes d’architectes conçoivent des solutions innovantes qui rendent demain possible dès aujourd’hui.

In fast changing markets, customers worldwide rely on Thales. Thales is a business where brilliant people from all over the world come together to share ideas and inspire each other. In aerospace, transportation, defence, security and space, our architects design innovative solutions that make our tomorrow's possible.

**Position Summary**

**This is a Hybrid position located in Fredericton New Brunswick.**

Thales requires a **Cyber Security Specialist (Detection Engineer**) who will be responsible for the prevention of Cybersecurity incidents by real-time monitoring, detection, and analysis of potential intrusions. This includes using troubleshooting tools to analyze and respond to cyber threats, writing scripts to aid in quick analysis and response, and responding to security events. The position operates and tunes security tools, provides requirements for new security capabilities and creates use cases for monitoring.

The Cybersecurity Operations Centre (CSOC) team will rely on your contribution to perform an in-depth analysis of evidence, identify the malicious operations and evaluate the real impact in order to solve in a quick and efficient manner. This is a key role when it comes to on-boarding new customers, maintaining the CSOC’s infrastructure, continuous improvement of correlation rules, use-cases and playbooks.

**Essential Functions / Key Areas of Responsibility**

The security specialist must have an in-depth knowledge, skills and work experience in a Security Operation Centre (SOC), Cloud infrastructure and security, SIEM, EDR, log and network analysis, Network security (Firewall, WAF, IDS/IPS), Infrastructure are vital for this role.
- Must be analytical with detail-oriented analysis and great documentation skills.
- Must be capable using various SIEM vendors, SOAR and Cybersecurity monitoring technologies.
- Must be capable of advance analysis in respond to security incidents. Securely collect artifacts, analyze for malicious behavior and carry out analysis to determine the root cause of events.
- Lead threat-hunting activities, looking for anomalies. Ingest, analyze and contextualize data and turn that into intelligence for threat assessment and risk management.
- Proficient knowledge in interpreting and constructing queries, Malware obfuscated codes and network packets.
- Provide advice on configuration of network security devices for service and security enhancement.
- Point of escalation for other CSOC analysts in support of cybersecurity investigations. Provide guidance and oversight on incident resolution and containment techniques.
- Develops metrics and reports on intelligence and incidents for management.
- Contribute to the creation, update and distribution of incident response best practices to include response capabilities and recommendations to senior leadership when dealing with incidents that affect the business.
- Ensuring support tickets are up to date with the most current data. Provide proper escalations and hand overs to management and support staff.
- Communicate effectively (team spirit) with customers, colleagues, and management.
- Proficient in designing, implementing and maintaining SIEM platform, log management systems, and correlation engine.
- Proficient in vulnerability analysis, incident management, management of SIEM, Firewall, WAF, IDS/IPS, Data Loss Prevention (DLP), and threat intelligence platform.
- Must be able to continuously improve and tune SIEM, SOAR use cases and assist in maintaining the CSOC platform.
- Proficient in diverse system infrastructure (Windows, *nix).
- Must have expertise supporting one or various Cloud infrastructure (Azure, AWS, GCP or IBM Cloud).
- Excellent in creating reports, presentations, architecture, workflow diagrams, and documentations.
- Up-to-date with the latest Cybersecurity trends, news and threat landscapes, IoT, Big Data, Cloud Security, and Digital Transformation.
- Support customer onboarding projects to ensure a successful transition to CSOC for security monitoring services.

**Minimum Requirements: Skills, Experience, Education, Technical/Specialized Knowledge, Certifications, Language**
- Bachelor degree in engineering, computer science, cybersecurity or related IT fields or job experience equivalent with a minimum of five (5) years of experience.
- Currently holding one or more Cybersecurity industry recognized certifications: (ISACA, ISC2, GIAC SANS, CompTIA, Offensive-Security).
-