IT Jobs Openings

Alteo is looking for a Cybersecurity Analyst for a permanent position based in Montreal.

*** Hybrid: 6 days in the office/month ***

Your main responsibility will be to set up and manage the Security Operations Center. You will be involved in developing and optimizing scenarios that need to be monitored and in the comprehensive management of security incidents. You will also actively contribute to the organization's overall security posture.

Responsibilities:

• Collaborate with a multidisciplinary team, internal users, and external suppliers to identify and implement the best security and fraud detection solutions, while complying with standards;
• Help set up and operate the SOC with your team, including continuous monitoring, proactive detection, and incident response.
• Develop, maintain, and improve security incident scenarios (playbooks).
• Manage the entire incident cycle: detection, analysis, containment, eradication, recovery, and post-mortem.
• Collaborate with various internal teams to ensure seamless integration of security processes;
• Use and integrate SIEM/SOAR tools (e.g., Azure Sentinel, GCP - SCC / Mendiant) to automate and orchestrate responses;
• Perform threat hunting activities and integrate threat intelligence into SOC operations;
• Participate in technology monitoring and recommend continuous improvements to the security posture;
• Manage or support security incidents, including after-hours interventions in case of emergency.

Profile:

• DEC/BAC in cybersecurity, IT, software engineering, or equivalent.
• 5+ years of experience in cybersecurity
• 2+ years of experience in a SOC role
• Excellent knowledge of networking and IT security policies and practices, including an understanding of overall security concepts and their cross-functional management: identity management, access management, data management, logging, automation, and monitoring
• Excellent knowledge and field experience in monitoring, detection, and response (SOC)
• Knowledge of the following areas of expertise: cyber defense, infrastructure security, endpoint protection, and cloud security
• Familiarity with security concepts (security events and orchestration)
• Experience with SIEM/SOAR tools and endpoint security solutions
• Skills in scripting languages such as Python, Javascript, PowerShell, and Bash for automating security tasks;
• Experience in infrastructure design or implementation and technical documentation writing;
• Ability to balance governance and cybersecurity operations activities;
• Excellent analytical and synthesis skills;
• Proficiency in the deployment of reference frameworks, concepts, trends, and tools related to technology architecture;
• Very good working knowledge of cloud environments, particularly the operational aspects of Azure and GCP (tenant/org/networking, hub & spoke, monitoring consoles, Grafana, Azure Monitoring/Cloud Monitoring/Grafana/Prometheus, etc.), EntraID, Workforce Identity, Identity Governance, OIDC/OAuth/SAML;
• Experience in an Agile SAFe environment (an asset);
• Demonstrate curiosity and creativity in order to find and implement innovative solutions;
• Ability to work under pressure and manage priorities effectively;
• Demonstrate autonomy and initiative;
• Strong teamwork and collaboration skills.