Analyste, sécurité de l'information | Cybersecurity Analyst

FLO | AddÉnergie is looking for an Information Security Analyst to support the daily threat monitoring operations, as well as actively participate in our cyber security improvement projects.

Reporting to the Information Security Manager and working closely with the IT and R&D teams, the Security Analyst participates in the detection of threats and vulnerabilities, the investigation of security incidents and the development of our capabilities to counter cyber threats. He/she distinguishes him/herself by his/her ability to analyze information sources, his/her excellent judgment and his/her ability to popularize and communicate IT security concepts.

The first important mandate of the security analyst will be to actively participate in the SOC2 certification project, to support the various teams in better securing their practices and infrastructures as well as in penetration testing activities. In collaboration with the IT support team, Cloud Administration and Software R&D, he/she will ensure that projects meet security requirements while respecting customer and corporate needs.

BY JOINING OUR TEAM, YOU WILL

o Work with the various business units to identify security requirements and help these teams implement them.

o Teach cyber security best practices during interactions with company employees.

o Support and enhance daily operations in threat detection, system vulnerability identification and reporting, and the analysis and investigation aspects of security incidents.

o Participate in evidence collection activities for internal audits and certification audits.

o Support the manager with governance, risk management, asset management, compliance, security awareness, etc.

o Collaborate on intrusion tests on our products and infrastructure.

Requirements

ABOUT YOU

o Bachelor's degree in computer science or related discipline or DEC and sufficient experience

o 5 years experience in IT (Network, Support and/or Administrator)

o 2 years experience in IT security. (Blue team/Red team/Compliance)

o Knowledge: NIST, SOC2, Iso 27001, PCIDSS, HighTrust, GDPR, OWASP Top 10, Pentest/Red Team, Threat intelligence, Security Incident management, Vulnerability management, Data forensics, Sandboxing/Malware analysis, Security governance and Security compliance.

o IT tools: Splunk/SIEM, Qualys, Mandiant Redline, Kali Linux, Powershell, VirusTotal/Hybrid Analysis, IOC/Threat Intelligence, MS Azure, Office 365, Azure AD, Microsoft EDR/Crowdstrike/CarbonBlack, Windows, Linux.

o Language skills: French / English

o Qualities and attributes:

o Comfortable with Cloud technologies

o Up to date with new technologies and trends in Cyber Security.

o Attention to detail

o Empathy / Soft skill

o Sense of humor

STRENGTHS

o Passionate about the Cyber Security field

o Autonomy, interpersonal skills, discernment, organizational skills, problem solving, good priority management

o Recognized as a solution-oriented collaborator

o Good communication skills and ability to listen

o Be the happy driver of an electric vehicle!

Benefits

• Competitive compensation
• Comprehensive insurance plan
• Group RRSP
• Group life insurance
• Charging days in addition to vacation days
• Paid vacations
• Work from home - flexible hours
• Training and development
• Employee Assistance Program