Analyst, Cybersecurity

Our culture lifts you up—there is no ego in the way. Our common purpose? We all want to win for our customers. We aim to always be evolving, dynamic, and ambitious. We believe in the power of genuine connections. Each employee is a part of what makes us unique on the market: agile and dedicated. Time Type: Regular Job Description: SUMMARY OF JOB RESPONSIBILITIES Reporting to the Security Operations Center Manager (SOC Manager), the cybersecurity analyst's mission is to analyze cybersecurity incidents, investigate the relevance and context of events and trigger the required escalations. In an environment where the emphasis is on automating the processing of alerts, enrichment and triage, the analyst will have to develop the necessary “playbooks” in the orchestration tool. In addition to participating in event triage, the analyst must develop and maintain the team's cybersecurity systems. Update the various "infrastructure as code" configuration as well as the continuity of operations in the cloud. The analyst must have a great ability to identify problems and propose solutions, both in terms of event analysis but also in terms of the design and operation of surveillance systems. Be part of a team that works together daily, a team that shares ideas, solutions and works towards a common goal, to improve the company's cybersecurity posture. The team also works to protect information and network access for its customers. The analyst will have the chance to discover a modern SOC, built on cloud computing foundations allowing great elasticity and a virtually unlimited capacity for processing information. **MAIN RESPONSIBILITIES**: - Demonstrate discretion and respect the confidentiality of events processed- Analyze cybersecurity events in a "SOAR" and "SIEM" type solution- Investigate events in order to establish the source of the information, its context and severity- Maintain and improve use cases in SIEM solutions- Develop, maintain and improve automation playbooks for event analysis and response- Develop, maintain and improve cybersecurity systems, under various Linux platforms- Develop, maintain and improve event message routing settings and ingestion health check monitoring.- Master the "Google Cloud Platform" services necessary for the proper functioning of event ingestion- Develop and maintain a high level of personal and team-level technological competence- Follow the evolution of security practices in the field of development- Support management decisions and the strategic security plan- Assume all other related tasks, similar to the main characteristics mentioned in this description.- As part of their work, the incumbent must take the necessary measures to ensure his own health and safety, that of his colleagues and that of the general public. He/she must at all times use the personal protective equipment made available to him/her and comply with all health and safety instructions, statements, policies and procedures issued by the company.- To support Cogeco's ultimate goal of providing excellent service to current and potential customers, the incumbent must constantly listen to and respond to the needs of external and internal customers, contributing diligently and professionally. to the resolution of any problem or concern by ensuring that the solution meets the client's needs. ESSENTIAL REQUIREMENTS ACADEMIC TRAINING Bachelor's degree, diploma or recognized certificate in cybersecurity, computer science or related field WORK EXPERIENCE- 5-10 years of experience in computer security, IT technical support or system management- 3-5 years of experience in the analysis of cybersecurity event or incident response- 1-3 years of experience in python, ruby or other development TECHNICAL SKILLS- Ability to exercise judgment and discretion with confidential information- Demonstrated experience in the use of SIEM ex: Arcsight, Exabeam, Elasticsearch, Splunk- Be autonomous in managing Linux systems- Strong programming skills (Python/Ruby/Perl/etc.)- Strong skills in automation and orchestration (Ansible, Splunk SOAR, Terraform)- Strong ability to analyze data and detect anomalies- Strong ability to be creative in resolving issues- Strong ability to understand technical issues- Strong ability to write and maintain technical documentation- In-depth knowledge of environments: Linux, Windows, Google Cloud Platform, Network Security Monitoring SPECIFIC SKILLS- Good teamwork skills and demonstrated interpersonal skills.- Demonstrate leadership and enjoy sharing knowledge.- Very good communication and synthesis skills- Possess great intellectual curiosity- Excellent ability to write development documents and processes- Strong ability to perform multiple tasks simultaneously and efficiently in a fast-paced environment- Very good knowledge of English and French, both spoken and written. This role involves extensive reporting and communication with stakeholders in Quebec, Ontario and the United States.-