Security Advisor Specialist - Incident Management

About The Position

Requirements

• Strong understanding of log sources (EDR, SIEM, NDR, DNS, email, web proxy, identity (AD/Azure AD)).
• Strong understanding of query languages: CQL, KQL, SQL; correlation and pivoting techniques.
• Strong understanding of detection engineering: rule writing, ATT&CK mapping.
• Understanding of phishing/social engineering techniques, initial access vectors, privilege escalation, lateral movement, and exfiltration.
• Bachelor’s degree in Information Technology, Systems Security Management, or other relevant experience.
• Five (5) to eight (8) years of experience in the information security (cybersecurity) field.
• Expert knowledge of security incident management principles.
• Excellent analytical, synthesis, and problem-solving skills.
• Outstanding team spirit.
• Initiative-taking and self-directed.
• Strong attention to detail and excellent communication skills.
• Ability to mentor team members and transfer knowledge.
• Demonstrated commitment to training, self-learning, and maintaining cybersecurity technical skills.
• Authorization to work in Canada is required.

Nice To Haves

• For candidates located in Quebec, bilingualism is required considering the necessity to interact on a regular basis with English-speaking colleagues across the country.

Responsibilities

• Ensure optimal triage of security alerts while supporting the escalation and eradication of cybersecurity incidents within established timelines.
• Identify anomalies, investigate advanced cyber events, and provide third-level support for investigations and confirmed incidents as required.
• Participate in the cybersecurity incident lifecycle, from preparation through post-mortem.
• Ensure optimal coverage by reviewing detection rules, recommending improvements and/or proposing new rules based on the organization’s operating context.
• Contribute to the creation, enhancement, review, and maintenance of documentation in line with industry best standards.
• Collaborate with various internal teams on projects and initiatives as a subject matter expert (SME) when required.
• Respond to user requests related to cybersecurity.
• Participate in the 24/7 support rotation in collaboration with other team members.

Benefits

• Flexible work arrangements and a hybrid work model
• Possibility to purchase up to 5 extra days off per year
• Multiple benefits offered to support physical and mental wellbeing, including telemedicine, Wellness account and much more
• Share plan & other savings: up to 12% of salary or even more (ask how you could earn guaranteed income for life)
• Annual bonus target, based on the base salary, with a potential payout of up to double the target (subject to personal and company performance): 15%
• Employee Share Purchase Plan (ESPP) – with Intact matching 50% of your net shares.
• Pension offerings provide flexibility and long-term security for our employees beyond their careers.
• Defined benefit pension plan