Job Title : Security Analyst
Location : Montreal, Quebec
Assignment duration : 5 months
Working Mode : Hybrid (2 days / week in person are required)
Language : French
Job Description
Main Responsibilities
- Perform the analysis and contextualization of the CNAPP results.
- Participate in the evolution of the CNAPP and the continuous improvement of the posture and remediation processes.
- Track deviations and collaborate with members of the different teams.
Additional Responsibilities
- With the support and assistance of your management :
- Analyze problematic situations and suggest possible solutions.
- Produce analysis reports on services or asset configurations.
- Ensure compliance with the security policies of the different platforms.
- Provide advice to ensure compliance with information security procedures and policies.
- Support other team members in day-to-day implementation.
- Contribute to the overall monitoring of the company.
Requirements and qualifications required
- At least 5 years of relevant experience in cybersecurity, including 3 in the field of cloud security or any other related field
- Very good knowledge of Google Cloud Platform and Amazon Web Service cloud infrastructures
- Good knowledge of GCP products and services (Cloudrun, BigQuery, Text-to-speech, Pub / Sub) and AWS (RDS, DynamoDB, S3, Lambda)
- The person sought has excellent skills in priority management, autonomy, adaptability and team cohesion
- Knowledge of how a CNAPP (CSPM, CWPP, CIEM) works
- Knowledge of different security frameworks (CIS, NIST, AWS Foundational Security Best Practices, etc.)
- Knowledge of container environments and orchestration solutions (K8S, ECS Fargate)
- Experience in managing and maintaining cloud infrastructure
- Generic infrastructure knowledge : Proxy, firewalls, Active Directory, DNS, Telecommunications (network interconnection)
- Understanding of global security concepts as a transversal capacity : Identity management, Access management, logging, Automation and monitoring.
- Having certifications in cloud security will be considered a great asset
Description du poste
Responsabilités principales
- Effectuer l’analyse et la contextualisation des résultats du CNAPP.
- Participer à l'évolution du CNAPP et l'amélioration continue des processus de posture et de remédiation.
- Faire le suivi des écarts et collaborer avec les membres des différentes équipes.
Responsabilités supplémentaires
Avec le support et le soutien de votre gestion :
- Analyser des situations problématiques et suggérer des pistes de solutions.
- Produire des rapports d'analyses sur des services ou des configurations d’actifs.
- S’assurer du respect des politiques de sécurité des différentes plateformes.
- Donner des conseils afin d'assurer la conformité aux procédures et aux politiques en matière de sécurité de l'information.
- Supporter les autres membres de l'équipe dans la réalisation au quotidien.
- Contribuer à la surveillance globale de l’entreprise.
Exigences et qualifications requises
- Au minimum 5 ans d’expérience pertinente en cybersécurité dont 3 dans le domaine de la sécurité infonuagique ou tout autre domaine connexe
- Très bonne connaissance des infrastructures infonuagiques Google Cloud Platform et Amazon Web Service
- Bonne connaissance des produits et services de GCP (Cloudrun, BigQuery, Text-to-speech, Pub / Sub) et AWS (RDS, DynamoDB, S3, Lambda)
- La personne recherchée possède d'excellentes compétences en matière de gestion des priorités, d'autonomie, d'adaptabilité et de cohésion d'équipes
- Connaissance du fonctionnement d’un CNAPP (CSPM, CWPP, CIEM)
- Connaissance des différents cadres de sécurité (CIS, NIST, AWS Foundational Security Best Practices...)
- Connaissance des environnements en conteneur ainsi que des solutions d'orchestration (K8S, ECS Fargate)
- Expérience dans la gestion et le maintien d'infrastructure infonuagique
- Connaissances génériques en infrastructure : Proxy, coupe-feux, Active Directory, DNS, Télécommunication (interconnexion des réseaux)
- Compréhension des concepts globaux de sécurité comme capacité transverse : Gestion des identités, Gestions des accès, journalisation, Automatisation et surveillance.
Posséder des certifications en sécurité infonuagique sera considéré comme un grand atout
IT Security Operations Analyst
Subject matter expertise, including a solid working knowledge in SOC, EDR, network security, web security, mail security, and vulnerability management technologies. IT Security Operations Analyst. The information security team provides an IT secure environment by monitoring, analyzing, and protectin...
Analyste, sécurité des opérations TI / IT Security Operations Analyst
Subject matter expertise, including a solid working knowledge in SOC, EDR, network security, web security, mail security, and vulnerability management technologies. Position title: IT Security Operations Analyst. Domtar’s information security team provides an IT secure environment by monitoring, ana...
Analyste de sécurité TI / Security Analyst IT
Assurance Groupe dès le jour 1.PAE Programme d’aide aux employés.Pourquoi travailler pour nous?.Depuis plus de 35 ans, nous sommes engagés à soutenir les professionnels de la santé afin qu’ils puissent se concentrer sur le plus important : le bien-être des Canadiens.Transformez votre carrière e...
Information Security Risk Assessment Analyst
Information Security Risk Assessment Analyst. Reviewing results with system owners/vendors and Senior Security Architecture Analysts, as needed. Excellent security knowledge (access control) of one or more applicable security technologies or platforms including SSO (Single Sign-On) technologies like...
Security Incident Analyst 2
As part of the Behavox Cyber Security team the Security Incident Response Analyst will monitor, detect, analyze, and mitigate cyber security incidents. Improve and optimization of SIEM security events working on a team dedicated to extraordinary Cyber Security standards. Experience working with Secu...
Security Analyst Expert - MSD
As part of managed security contracts, the Security Analyst configure managed security devices, diagnose network issues, integrate security devices. The Security Analyst recommends best security practices and doesn't hesitate to get customer buy in. The Security Analyst is a member of GoSecure's MSD...
ERP Lead Security Analyst (Finance) (Hybrid)
The Finance ERP Security Analyst is responsible for managing and overseeing the security, and control aspects of Finance ERP systems, ensuring the protection of sensitive data and compliance with relevant regulations. ERP Lead Security Analyst (Finance) (Hybrid). Monitor system logs and security ale...
Information Security Risk Assessment Analyst
Information Security Risk Assessment Analyst. Reviewing results with system owners/vendors and Senior Security Architecture Analysts, as needed. Excellent security knowledge (access control) of one or more applicable security technologies or platforms including SSO (Single Sign-On) technologies like...
Senior Analyst, Application Development and Support (Corporate Security) - 34016
The Senior Analyst, Application Development and Maintenance, develops, delivers and maintains applications as per desired technology architecture and business requirements while ensuring highest quality of end-products through introduction of new tools, technology and practices for evolution of proc...
Security Risk Assessment Analyst
Security Risk Assessment Analyst. Reviewing results with system owners/vendors and Senior Security Architecture Analysts, as needed. Excellent security knowledge (access control) of one or more applicable security technologies or platforms including SSO (Single Sign-On) technologies like SAML2. Exce...