As Security Analyst - Incident Response, you will co-ordinate and deliver architecture components to meet business requirements through analysis, cross-team collaboration and problem resolution.
What you will do
• Analyzes client requirements and determines appropriate solutions to these requirements based on business needs and vendor capabilities.
• Supports the design of solutions and of system and software architecture according to business strategies, standards and processes, using existing SITA and third-party components as appropriate.
• Resolves routine to moderately complex architecture problems and issues, assesses any potential risks and determines solutions to these risks.
• Works with other architects, technology experts and business stakeholders to provide architecture support to internal and external clients.
Who you are
• 5+ years in an IT environment, or a degree in Electronics & Telecommunications or Computer Science
• 3+ years in at least three of the following:
• Incident Response
• Malware Analysis
• Threat Intelligence
• SIEM log monitoring and threat hunting (even better if you have experience with a security analytics solution such as Splunk or the ELK stack)
• Endpoint Detection and Response (EDR)
• Strong understanding of evidence collection techniques, including forensic disk imaging and memory imaging
• Strong understanding of triage and analysis techniques such as memory analysis, timeline establishment, artifact analysis, etc.
• Good understanding of the attack ‘kill chain’ and of the common tactics, techniques and procedures (TTPs) used by various types of attacker (e.g. hacktivist, organized crime, advanced persistent threat, etc.)
• Strong working knowledge of security-relevant data, including network protocols, ports and common services, such as the TCP/IP protocol suite and application-layer protocols and services (e.g. HTTP/S, DNS, FTP, SMTP, Active Directory, etc.)
• Broad understanding of securing endpoint and perimeter systems
• Good understanding of security compliance frameworks (e.g. ISO/IEC 27001, PCI DSS, etc.)
• Degree in a technical discipline (e.g. Computer Science, Engineering, Mathematics, etc.) or sufficient work experience to demonstrate proficiency at this level.
Valid through: 4/9/2021