Current jobs related to Manager, Digital Forensics Incident Response/ Responsable des enquêtes numériques et de la réponse aux incidents - Montreal, Quebec - SITA


  • Montreal, Quebec, Canada SITA Full time

    Overview: WELCOME TO SITA. At SITA, we keep airports moving, airlines flying smoothly, and borders open. Our technology and communication innovations power the success of the global air travel industry. We are present in 95% of international airports and collaborate...


  • Montreal, Quebec, Canada SITA Full time

    Overview: WELCOME TO SITA. At SITA, we keep airports moving, airlines flying smoothly, and borders open. Our technology and communication innovations power the success of the global air travel industry. You'll find us in 95% of international airports, working closely with over 2,500 transportation and government clients. Each partnership brings unique challenges,...


  • Montreal, Quebec, Canada Groupe Atos Québec Full time

    Montréal | Full time | Governance, Risk and Compliance. Groupe Atos Canada is looking for an expert to strengthen its cybersecurity incident response team and support various clients on IT continuity and recovery projects. Responsibilities / Tasks: Respond to complex cybersecurity incidents...


  • Montreal, Quebec, Canada American Iron & Metal (AIM) Full time

    Company Description: American Iron & Metal (AIM) is a family-owned business and a recognized global leader in the metal recycling industry, with more than 125 sites and 4000 employees worldwide. We have continued to thrive over the past eight decades thanks to the dedication of our employees and the trust and...


  • Montreal, Quebec, Canada Genetec Full time

    Your team's dynamic: The Security Operations Center (SOC) Team Lead will direct security operations and guide our security analysts, who specialize in detecting and preventing cyber threats to the organization. This position is essential to protecting our organization and ensuring rapid responses...



  • Incident Commander

    6 days ago


    Montreal, Quebec, Canada Intrado Life & Safety, Inc. Full time

    About Us: Intrado is dedicated to saving lives and protecting communities, helping them prepare for, respond to, and recover from critical events. Our cutting-edge company strives to become the most trusted, data-driven emergency services partner, unifying fragmented communications to deliver a...

  • SOC Specialist

    6 days ago


    Montreal, Quebec, Canada GENETEC Full time

    Your team's dynamic: Genetec is looking for a Security Operations Center (SOC) Specialist to join its information security team. This team works with business and technical teams to protect Genetec, its employees and its customers from malicious actors. They monitor the networks and systems of...

  • SOC Specialist

    14 minutes ago


    Montreal, Quebec, Canada GENETEC Full time

    Your team's dynamic: Genetec is looking for a Security Operations Center (SOC) Specialist to join its information security team. This team works with business and technical teams to protect Genetec, its employees and its customers from malicious actors. They monitor the networks and systems of...


  • Montreal, Quebec, Canada Clyde & Co Full time

    English Version Follows. Your role: You will be actively involved in the firm's team of lawyers working in the privacy and cybersecurity practice area, more specifically in incident response, and will also advise our insurer clients and their insureds, who come from various sectors...

Manager, Digital Forensics Incident Response/ Responsable des enquêtes numériques et de la réponse aux incidents

4 days ago


Montreal, Quebec, Canada SITA Full time

WELCOME TO SITA

At SITA, we keep airports moving, airlines flying smoothly, and borders open. Our technology and communication innovations power the success of the global air travel industry.

You'll find us in 95% of international airports, working closely with over 2,500 transportation and government clients. Each partnership brings unique challenges, and we thrive on delivering fresh solutions and cutting-edge tech to keep operations running like clockwork. We don't just move the world forward, we're proud to be recognized as a Great Place to Work by our employees and certified in most of our growing locations. Here, we feel empowered, supported, and inspired to grow.

Are you ready to love your job? The adventure begins right here, with you, at SITA.

PURPOSE

As the Digital Forensics & Incident Response Lead, you will take full ownership of high-severity investigations—rapidly detecting, containing, and neutralizing threats—while driving digital forensics and proactive threat hunting initiatives. You will act as Incident Commander and serve as the primary technical escalation point for complex cases.

You will join SITA's STORM (Security Threat & Operational Risk Management) organization, collaborating closely with SOC, CTI, Cloud/Platform, Product, and customer-facing teams to enhance detection and response capabilities across SITA, our clients, and the broader air-transport ecosystem.

WHAT YOU WILL DO

Incident Response & Coordination

  • Lead high/critical incident response: containment, eradication, recovery, and post-incident hardening.
  • Act as Incident Commander, coordinating SOC, CTI, IT, cloud, product, and business teams.
  • Produce reports, executive readouts, and track lessons learned.
  • Update playbooks, detections, and response patterns based on evolving threats.

Digital Forensics & Evidence Handling

  • Perform forensically sound acquisition and analysis across endpoints, servers, cloud, network, and SaaS.
  • Maintain chain-of-custody and document to industry standards.
  • Reconstruct attacker activity and map to MITRE ATT&CK.

Threat Hunting & Detection Engineering

  • Conduct hypothesis-driven hunts across EDR, SIEM, cloud, and network telemetry.
  • Convert findings into high-fidelity detections, analytics, and SOAR automations.
  • Validate and tune rules to reduce false positives and improve coverage.

Triage, Monitoring & QA

  • Oversee L1/L2 triage quality, severity calibration, and playbook execution.
  • Refine thresholds, use cases, runbooks, dashboards, and KPIs.

Tooling, Automation & Telemetry

  • Develop scripts and tools to accelerate evidence collection and response.
  • Partner with platform owners to improve logging, telemetry, and retention at scale.

ABOUT YOUR SKILLS

  • Proven experience leading incident response and digital forensics in hybrid environments.
  • Hands-on with EDR (CrowdStrike), SIEM (Splunk, Sentinel, Elastic), and SOAR.
  • Scripting for DFIR/automation (Python/PowerShell); familiarity with KQL.
  • Deep knowledge of attacker tradecraft and MITRE ATT&CK.
  • Excellent communication skills to brief executives and guide teams.

Nice-to-Have:

  • Certifications: GCFA, GNFA, GCIH, GREM, OSCP, CISSP.
  • Cloud DFIR (Azure/AWS/GCP) and identity-centric investigations (Entra ID/Okta).
  • Exposure to OT/airport systems in air-transport environments.

WHAT WE OFFER

We're all about diversity. We operate in 200 countries and span 60 different languages and cultures. We're really proud of our inclusive environment. Our offices are comfortable and fun places to work, and we make sure you get to work from home too. Find out what it's like to join our team and take a step closer to your best life ever.

Flex Week: Work from home up to 2 days/week (depending on your team's needs).

Flex Day: Make your workday suit your life and plans (depending on the stakeholders' and BISO Directors' needs).

Flex Location: Take up to 30 days a year to work from any location in the world.


Employee Wellbeing: We've got you covered with our Employee Assistance Program (EAP), for you and your dependents 24/7, 365 days/year. We also offer Champion Health - a personalized platform that supports a range of wellbeing needs.

Professional Development: Level up your skills with our training platforms, including LinkedIn Learning.

Competitive Benefits: Competitive benefits that make sense with both your local market and employment status.

SITA is an Equal Opportunity Employer. We value a diverse workforce. In support of our Employment Equity Program, we encourage women, aboriginal people, members of visible minorities, and/or persons with disabilities to apply and self-identify in the application process.