Lead Security Analyst

SITA

Montreal, QC

8 - 10 years

Posted 239 days ago

This job is no longer available.


  • Assist with digital forensics and incident response investigations, acting as a technical resource.
  • Investigate, analyze and contain malware incidents.
  • Lead the resolution of security issues through working with resolver groups.
  • Evaluate and recommend new security practices and solutions.
  • Ensure detection controls and the underlying security architecture and solutions are correctly configured and maintained to provide the necessary input feeds into the SOC.
  • Develop, maintain and implement SOC processes and procedures including use cases, indicators of compromise, run books etc.
  • Act as an escalation point for Level 2 analysts and provide coaching and mentoring.
  • Act as a security expert to provide advice to resolver groups.
  • Analyze information from threat intelligence sources and recommend and implement requisite actions in line with this information.
  • Contribute to the continuous improvement of security processes, tools and techniques to counter threats faced by SITA and our customers.



8+ years experience in an IT environment, with at least 5 years in a SOC or security analyst capacity.


  • Expert knowledge of configuration and operation of security solutions, including Firewalls, IDS, Internet Filters, DLP, Vulnerability Scanners, Anti-Malware Solutions etc.
  • Excellent understanding of operating system and application logs from a variety of platforms.
  • Strong knowledge of configuration and operation of SIEM solutions, preferably McAfee Enterprise Security Manager (formerly Nitro).
  • Strong knowledge of Windows and Unix/Linux operating systems, and TCP/IP networking.
  • Strong ability to play a leading role in the development, set up and documentation of SOC processes and procedures as well as on-boarding devices and data sources, and SIEM configuration.
  • Strong knowledge of computer forensic tools.
  • Strong communication skills, especially in taking technical security information and communicating it to a non-security audience.
  • Good knowledge of Elasticsearch, Logstash and Kibana (ELK) in a security analysis context.
  • Good knowledge of DevSecOps concepts.
  • Good knowledge of malware investigation/reverse engineering.
  • Good ability to perform data analytics.


  • Information Security
  • Infrastructure/Platforms
  • Technical Communication
  • Networking


  • Adhering to Principles & Values
  • Creating & Innovating
  • Customer Focus
  • Results Orientation
  • Teamwork
  • Communication
  • Impact & Influence
  • Leading Execution


  • Degree in a technical discipline (e.g. Information Security, Computer Science, Engineering, Mathematics, etc.) or sufficient work experience to demonstrate proficiency at this level.
  • Professional security designation such as:
    • Certified Information Systems Security Professional (CISSP)
    • Certified Ethical Hacker (CEH)
    • Global Information Assurance Certifications (GIAC) e.g. Certified Incident Handler (GCIH), Certified Intrusion Analyst (GCIA), Certified Enterprise Defender (GCED), Certified Forensic Analyst (GCFA)
  • Previous experience in network engineering considered an asset.
  • Previous experience in system administration considered an asset.

- 26131