Cyber Threat Analyst
Cyber Threat Analyst
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
Do you enjoy solving technical problems guiding users and sharing your cybersecurity expertise
Are you passionate about cyber analyse and eager to make a real impact from the very first stages of the user journey If so this position is for you!
We are looking for a motivated native Englisch Cybersecurity Analyst to join our team and help strengthen our position as a leader in email security.
This is a full-time permanent position based at our Vancouver BC site.
Tasks
As part of the Vancouver TIRC (Threat and Intelligence Response Center) team your mission is to fight threats by updating HSE security solutions:
To do so you will mainly have to analyze threat events raised by our services:
Qualifying these events according to the different kinds of threat: spam scam phishing spear phishing malware.
Be able to analyze minor threats as well as advanced threats and provide security updates.
Investigate on threat campaigns to identify and block elements used (IPs Domains etc.)
Creating and updating our detection rules (based on regular expressions) to block advanced threats predictively
Using reporting flows and spamtraps to enhance our understanding of senders.
Answering to on some direct customers requests
Monitor Accuracy metrics and run investigations if you observe suspicious behavior
Write documentation and reporting on ongoing threats and techniques used
You have dedicated time to run investigations on a specific topic with other analysts teams (Phishing Spambot Scam etc.)
Requirements
More than skills we are looking for a profile based on:
- Experience as a Cybersecurity analyst (SOC experience ideal)
- High motivation to learn
- Demonstrated ability to perform threat analysis
- Very logical mind (Boolean algebra)
- An interest in data analysis (familiar with a big data tool is an advantage)
- Good relationship
The mission will start with a 3-6 month training with the rest of the team: you will learn from threat definition to the use of our advanced tools to block threats.
In order to ensure your future missions we need you to be curious propose initiatives autonomous resourceful rigorous.
Our activity is various according to the period of the year and the attacks. Consequently we are also looking for someone who is enduring and due to 24/7 who can work during some weekends and national holidays that are planned and compensated.
Good basics for learning (but not imperative)
- Knowledge of regular expressions (Regex posix)
- Control of Windows & Linux environments and commands (bash grep ...)
- Knowledge of HTML
- Knowledge of SMTP protocol
- SPF DMARC DKIM
- Experience with a SIEM / Clickhouse is a plus
- Knowledge of email ecosystem is a plus
- Native level proficiency in English language required
Benefits
- Free space for innovation and autonomy in a fast-growing international company & Opportunities for personal and professional development.
Short decision-making processes and flat hierarchies in an open work environment. - Additional sick leave days and public holidays & Home-office option and flexible working hours.
- Collective insurance plan & Be-Active Bonus we support your health with a contribution towards your membership in fitness and sports clubs.
- Way to Work goodie & Team events and regular global meetings.
- Temporary employee exchange program opportunity to work at our global offices and explore the world (e.g. Malta Madrid Berlin Washington D.C.).
Employment Type
Full Time
