Role : SOC N1 Security Analyst 
Location : Toronto, ON 
The candidate must be fluent in French

Job Description:

The SOC N1 Security Analyst is responsible for protecting client infrastructures from cyberattacks. To do this, they will need to detect, qualify, and respond to security events.
Main Responsibilities:

Alert Management:

• Monitor security incidents;
• Conduct in-depth analysis of incidents, classify them according to procedures, and determine if they pose a real threat or not;
• Handle or escalate alerts according to procedures;
• Create tickets in the dedicated platform (Connecwise);
• Follow up on assigned alerts;
• Produce documentation related to incidents and their handling;
• Communicate with clients as needed;
• Monitor our clients infrastructures to detect threats ("health check").

Client Relationship:

• Maintain the relationship with the client. Communicate and collaborate with clients to share information on incidents or events (when critical).

Training:

• Participate in the onboarding process;
• Participate in team training;
• Stay informed about technological developments (training, reading) and sector news.

Leadership:

• Propose improvements that can be made to the SOC;
• Follow SOC procedures.
• Security
• Ensure the protection of client data;
• Follow the company's and clients' data security guidelines;
• Report incidents and anomalies affecting ESI operations to the internal security team.
• Additional Information about the Position:
• Use existing tools and provide feedback to levels 2 and 3 for continuous improvement;

Desired Profile:

• Completed education in computer science;
• Operating systems (Linux, Windows, Mac (optional));
• Network protocols (TCP, UDP, IP, ICMP, L7 protocols);
• Basic knowledge of SIEM technologies;
• Best practices in network architecture and basic understanding of network devices;
• Basic Knowledge on Asset management;
• Security threats and attack countermeasures;
• Knowledge and expertise of Qradar
• Ability to find relevant information on global threats;
• Ability to conclude an incident analysis in 20-40 minutes or escalate in 20-40 minutes;
• Ability to learn from a previous escalation to deduce the escalation of a similar incident;
• Have or be preparing one of the following certifications:
• CompTIA CYSA;
• CCNA;
• Qradar SOC Analyst;
• EDR Solutions (Crowdstrike, SentinelOne);
• EC-Council SOC Analyst.
• Very good level of English, both written and spoken;
• Good time and priority management;
• Good written and verbal communication;
• Good teamwork and collaboration skills;
• Good sense of urgency;
• Rigor.