About the role

Security Specialist at Intact providing security solutions in cloud environments. Collaborating within a development team to enhance security posture and develop detection capabilities.

Responsibilities

Collaborate as a member of the development team to design, implement, and maintain robust security solutions in cloud environments.
Integrate security practices seamlessly throughout the application lifecycle to enhance the overall security posture.
Proactively identify and resolve security issues using advanced troubleshooting, analysis, and remediation skills.
Develop and maintain secure and scalable solutions within a containerized environment, ensuring high reliability and performance.
Conduct tuning activities to mitigate false positive or noisy alerts.
Use big data and real-time streaming technologies to build and refine threat detections.
Investigate anomalous and suspicious behavior for new detection opportunities.
Conduct alert validation and triage within SIEM and EDR platforms.
Research, build, and maintain detection capabilities for the latest threats across SIEM correlations and security tool signatures.
Research and innovate net new mitigation, detection, and response capabilities given input from industry trends, customer feedback, and personal research.
Build security detections and detection frameworks.

5 to 8 years in cybersecurity or DevOps or infrastructure team.
At least 3 years of experience in IT Security monitoring (SIEM, SOAR, XDR, TIP, UEBA).
Good Understanding of Log sources: EDR, SIEM, NDR, DNS, email, web proxy, identity (AD/Azure AD), SaaS.
Good Understanding of Query languages: SPL, KQL, SQL; correlation and pivoting techniques.
Good Understanding of Detection engineering: rule writing, ATT&CK mapping.
Good Understanding of Detection-as-Code.
Understanding of threat actors, motivations, and campaigns.
Understanding of Phishing/social engineering, initial access vectors, privilege escalation, lateral movement, exfiltration.
Understanding of Frameworks: MITRE ATT&CK/D3FEND, Cyber Kill Chain.
Knowledge of indicators of compromise (IOCs) vs indicators of attack (IOAs).
AWS/Azure/GCP identities, logging, network controls; common attack paths (IMDS, SSRF, misconfig.
Ability to work effectively in a team while being autonomous.
Excellent communication and collaboration skills.
Passion for continuous learning and innovation.
Your experience and application knowledge in the insurance field, an asset.
Good understanding of common security gaps in data/AI applications.
Bilingual (French and English): Need to interact on a regular basis with an English-speaking clientele and colleagues across the country.
No Canadian work experience required however must be eligible to work in Canada.

Flexible work arrangements and a hybrid work model
Possibility to purchase up to 5 extra days off per year
Multiple benefits offered to support physical and mental wellbeing, including telemedicine, Wellness account and much more
Share plan & other savings: up to 12% of salary or even more (ask how you could earn guaranteed income for life)