Cyber Security Analyst [#4873]

Montreal, QC, Canada

Job Description

Alteo is looking for a Cybersecurity Analyst for a permanent position based in Montreal.
*** Hybrid: 6 days in the office/month ***
Your main responsibility will be to set up and manage the Security Operations Center. You will be involved in developing and optimizing scenarios that need to be monitored and in the comprehensive management of security incidents. You will also actively contribute to the organization's overall security posture.
Responsibilities:

  • Collaborate with a multidisciplinary team, internal users, and external suppliers to identify and implement the best security and fraud detection solutions, while complying with standards;
  • Help set up and operate the SOC with your team, including continuous monitoring, proactive detection, and incident response;
  • Develop, maintain, and improve security incident scenarios (playbooks);
  • Manage the entire incident cycle: detection, analysis, containment, eradication, recovery, and post-mortem;
  • Collaborate with various internal teams to ensure seamless integration of security processes;
  • Use and integrate SIEM/SOAR tools (e.g., Azure Sentinel, GCP - SCC / Mandiant) to automate and orchestrate responses;
  • Perform threat hunting activities and integrate threat intelligence into SOC operations;
  • Participate in technology monitoring and recommend continuous improvements to the security posture;
  • Manage or support security incidents, including after-hours interventions in case of emergency.
Profile:
  • DEC/BAC in cybersecurity, IT, software engineering, or equivalent.
  • 5+ years of experience in cybersecurity
  • 2+ years of experience in a SOC role
  • Excellent knowledge of networking and IT security policies and practices, including an understanding of overall security concepts and their cross-functional management: identity management, access management, data management, logging, automation, and monitoring
  • Excellent knowledge and field experience in monitoring, detection, and response (SOC)
  • Knowledge of the following areas of expertise: cyber defense, infrastructure security, endpoint protection, and cloud security
  • Familiarity with security concepts (security events and orchestration)
  • Experience with SIEM/SOAR tools and endpoint security solutions
  • Skills in scripting languages such as Python, JavaScript, PowerShell, and Bash for automating security tasks;
  • Experience in infrastructure design or implementation and technical documentation writing;
  • Ability to balance governance and cybersecurity operations activities;
  • Excellent analytical and synthesis skills;
  • Proficiency in the deployment of reference frameworks, concepts, trends, and tools related to technology architecture;
  • Very good working knowledge of cloud environments, particularly the operational aspects of Azure and GCP (tenant/org/networking, hub & spoke, monitoring consoles, Grafana, Azure Monitoring/Cloud Monitoring/Grafana/Prometheus, etc.), Entra ID, Workforce Identity, Identity Governance, OIDC/OAuth/SAML;
  • Experience in an Agile SAFe environment (an asset);
  • Demonstrate curiosity and creativity in order to find and implement innovative solutions;
  • Ability to work under pressure and manage priorities effectively;
  • Demonstrate autonomy and initiative;
  • Strong teamwork and collaboration skills.



Job Detail

  • Job Id
    JD3028372
  • Industry
    Not mentioned
  • Total Positions
    1
  • Job Type:
    Full Time
  • Salary:
    Not mentioned
  • Employment Status
    Permanent
  • Job Location
    Montreal, QC, Canada
  • Education
    Not mentioned