A prestigious Finance Tech proprietary trading firm is hiring for a SOC Analyst
The position is located in Downtown Montreal (Hybrid Environment)
Competitive base salary + performance bonus
You'll be joining the Global Cybersecurity Team and continuing its efforts to improve the firm's security posture.
Responsibilities:
▪ Monitor alerts for potential security incidents and requests for information. This includes, but is not limited to, monitoring of real-time channels, tools, dashboards, periodic reports, chat sessions, and tickets.
▪ Follow incident-specific protocols or procedures to perform basic triage of potential security incidents, determine their nature and priority, eliminate obvious false positives, and process requests for information.
▪ Escalate potential security incidents to senior analysts and implement countermeasures and mitigating controls.
▪ Serve as a subject matter expert in at least one security-related area (e.g. malware reverse engineering, cloud security, phishing, deception, etc.).
▪ Coordinate with stakeholders and supporting third-party security service providers to triage alerts, events, or incidents.
▪ Monitor and analyze SIEM output to identify security issues for remediation.
▪ Create SIEM policy rulesets.
▪ Recognize potential, successful, and unsuccessful intrusion and compromise attempts.
▪ Perform thorough reviews and analyses of relevant event detail and summary information.
▪ Interface with a variety of customers in a polite, positive, and professional manner.
▪ Document all actions taken in the ticketing system.
Qualifications (Required):
▪ Bachelor's degree in cybersecurity or another related discipline
▪ 3-6 years of experience, with a minimum of three years in the information security / cybersecurity domain focused on security event monitoring and analysis in the financial services industry
▪ Willing to work Saturday/Sunday, with the other days flexible (this is still a full-time position); weekend coverage by the Information Security Team is imperative to protect crypto trading against threats.
▪ Analyzing detected security events
▪ Performing triage of potential security incidents
▪ Experience with the following: SIEM, IDS/IPS, network- and host-based firewalls, data leakage prevention (DLP).
▪ Understanding of possible attack activities such as network probing/scanning, DDoS, malicious code activity, etc.
▪ Scripting experience in Python, Bash, or PowerShell
▪ Willing to work any of three shifts to provide 24-hour support.
Qualifications (Nice to Haves):
▪ Master's degree in cybersecurity or another related discipline
▪ Certifications: GIAC Certified Intrusion Analyst (GCIA), GIAC Continuous Monitoring (GMON), Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH).
▪ Understanding of common network devices such as routers and switches.
▪ Understanding of basic networking protocols such as IP, DNS, and HTTP.
▪ A strong desire to understand the what / why / how of security incidents.