L3 SOC Analyst Incident Responder

Montreal - Canada

Monthly Salary: Not Disclosed

Posted on: 9 hours ago

Vacancies: 1 Vacancy

Job Summary

We are looking for an experienced L3 SOC Analyst / Incident Responder to join our cybersecurity this role you will be responsible for leading advanced threat detection incident response activities and driving the continuous improvement of our security operations. You will be a key player in protecting our clients digital assets from sophisticated cyber threats.

Key Responsibilities:

Advanced Threat Detection: Monitor and analyze security events from various sources including SIEM EDR NDR firewalls and other protection systems. Identify and respond to advanced persistent threats (APTs) and complex security incidents.
Incident Response: Lead incident response efforts including investigation containment eradication and recovery. Coordinate with other teams to manage and mitigate security incidents ensuring minimal impact on business operations.
Forensics and Analysis: Perform in-depth forensic analysis on compromised systems including malware analysis network traffic analysis and log analysis. Document findings and provide detailed incident reports.
Threat Hunting: Proactively hunt for hidden threats in the network using threat intelligence behavioral analysis and anomaly detection techniques. Identify and mitigate potential security risks before they escalate.
Security Improvements: Collaborate with the SOC team to continuously improve detection capabilities including tuning and optimizing SIEM rules developing custom scripts and integrating new tools and technologies.
Training and Mentorship: Provide guidance and mentorship to junior SOC analysts (L1/L2) sharing knowledge and best practices for incident response and threat detection.
Post-Incident Reporting: Prepare detailed post-incident reports that include root cause analysis impact assessments and recommendations for future prevention measures. Communicate findings to senior management and relevant stakeholders.
Incident Playbooks: Develop and maintain incident response playbooks ensuring they are up-to-date and aligned with the latest threat landscape and industry best practices.
Collaboration: Work closely with other IT and security teams including vulnerability management IT operations and network security to strengthen the organizations overall security posture.

Qualifications :

Experience:
- 5 years of experience in a SOC environment with a focus on incident response and advanced threat detection.
- Proven track record of handling complex security incidents and conducting forensic investigations.
Technical Skills:
- Expertise in SIEM platforms (e.g. Splunk QRadar) IDS/IPS firewalls and endpoint detection and response (EDR) tools.
- Proficiency in scripting languages (e.g. Python PowerShell) for automation and custom detection use cases.
- Strong understanding of network protocols malware analysis and cybersecurity frameworks (e.g. MITRE ATT&CK NIST).
- Experience with threat hunting techniques and tools as well as familiarity with threat intelligence platforms.
Soft Skills:
- Excellent problem-solving skills and the ability to work under pressure during high-stress incidents.
- Strong communication skills capable of explaining technical issues to both technical and non-technical stakeholders.
- A proactive mindset with a passion for staying current with the latest cybersecurity trends and threats.

Education:

Bachelors degree in Computer Science Information Security or a related field is preferred.

Remote Work :

Key Responsibilities:

Advanced Threat Detection: Monitor and analyze security events from various sources including SIEM EDR NDR firewalls and other protection systems. Identify and respond to advanced persistent threats (APTs) and complex security incidents.
Incident Response: Lead incident response efforts including investigation containment eradication and recovery. Coordinate with other teams to manage and mitigate security incidents ensuring minimal impact on business operations.
Forensics and Analysis: Perform in-depth forensic analysis on compromised systems including malware analysis network traffic analysis and log analysis. Document findings and provide detailed incident reports.
Threat Hunting: Proactively hunt for hidden threats in the network using threat intelligence behavioral analysis and anomaly detection techniques. Identify and mitigate potential security risks before they escalate.
Security Improvements: Collaborate with the SOC team to continuously improve detection capabilities including tuning and optimizing SIEM rules developing custom scripts and integrating new tools and technologies.
Training and Mentorship: Provide guidance and mentorship to junior SOC analysts (L1/L2) sharing knowledge and best practices for incident response and threat detection.
Post-Incident Reporting: Prepare detailed post-incident reports that include root cause analysis impact assessments and recommendations for future prevention measures. Communicate findings to senior management and relevant stakeholders.
Incident Playbooks: Develop and maintain incident response playbooks ensuring they are up-to-date and aligned with the latest threat landscape and industry best practices.
Collaboration: Work closely with other IT and security teams including vulnerability management IT operations and network security to strengthen the organizations overall security posture.

Qualifications :

Experience:
- 5 years of experience in a SOC environment with a focus on incident response and advanced threat detection.
- Proven track record of handling complex security incidents and conducting forensic investigations.
Technical Skills:
- Expertise in SIEM platforms (e.g. Splunk QRadar) IDS/IPS firewalls and endpoint detection and response (EDR) tools.
- Proficiency in scripting languages (e.g. Python PowerShell) for automation and custom detection use cases.
- Strong understanding of network protocols malware analysis and cybersecurity frameworks (e.g. MITRE ATT&CK NIST).
- Experience with threat hunting techniques and tools as well as familiarity with threat intelligence platforms.
Soft Skills:
- Excellent problem-solving skills and the ability to work under pressure during high-stress incidents.
- Strong communication skills capable of explaining technical issues to both technical and non-technical stakeholders.
- A proactive mindset with a passion for staying current with the latest cybersecurity trends and threats.

Education:

Bachelors degree in Computer Science Information Security or a related field is preferred.

Remote Work :

Key Skills

ArcGIS
Intelligence Community Experience
GIS
Python
Computer Networking
Data Collection
Intelligence Experience
R
Relational Databases
Analysis Skills
Data Management
Application Development

Apply Now

About Company

Act Digital

Act digital est une société de conseil et d’expertise en technologies créée en 2011. Notre vocation est d’accompagner nos clients sur leurs enjeux de transformation numérique. Notre offre s’articule autour des expertises suivantes :Software DeliveryInfrastructure & Cloud ComputingAgil ... View more

View Profile View Profile

AI AutoApply

Apply to 100+ jobs with one click