The Cybersecurity department, located at 600 de la Gauchetière (Montreal), is looking for a Cloud Security Analyst to join the Incident Response team. This team is mandated to monitor, investigate and respond to all cybersecurity incidents for NBC. Our mission is to monitor all cyber threats against NBC and to continually improve the security posture of the organization.
Reporting to the CSIRT manager, you will act as a cloud security expert within the cybersecurity incident response team. You will work with the team to improve our detection and response strategies. You will also ensure a good flow of communication between the bank's security teams and identify ways to improve our teams' efficiency.
From a cloud integration perspective, you will:
Analyze security alerts
Analyze data sources from cloud applications
Contribute to creating new playbooks in the cloud monitoring tools
Analyze all security events derived from abnormal activities or attempts
Declare security incidents resulting from analysis and start the incident management process
Report intrusion detection alerts to the security incident management team
Investigate security incidents and alerts
Record and manage incidents
Collaborate with different IT teams
Carry out checks and controls to ensure the security of IT systems
Demonstrate good analytical skills
Share your knowledge with your team and facilitate the learning curve of your teammates
Be a fast learner, self-driven and highly motivated, with a can-do attitude and the ability to work with minimum supervision
Work in an environment driven by service level agreements and objectives, with deadlines
Experience in operational security management (vulnerabilities, incidents, fraud, patches, antivirus, intrusions…)
General network background including familiarity with OSI and TCP/IP models, ports and protocols, and Internet communications technologies (HTTP, DNS, SMTP, etc.)
Experience in Python programming
Good knowledge of API integration (SOAP and REST)
Basic knowledge of Cloud Security tools such as AWS GuardDuty, Azure ATP
Good knowledge of SIEM infrastructure and Cloud challenges
Good knowledge of Windows and Linux command-line language
General knowledge of network, AD, Antivirus, Web services, email/antispam servers, DNS…
General knowledge of cybersecurity and the associated types of threats
General knowledge of Cloud technologies such as AWS, GCP, Azure and their integration
Familiarity with various network attacks and attack methods such as network scans, password guessing, cross-site scripting, SQL injection, etc.
Familiarity with the MITRE framework and the Cyber Kill Chain
Familiarity with network- and host-based security technologies and products (firewalls, IDS/IPS, AV, web filters, UTM)
Any cybersecurity certification or achievement will be considered as an asset
Bilingualism (spoken/written) in English and French
The Bank has innovated by modernizing its performance evaluation system to better meet our clients’ evolving needs. From now on, the corporate values (expected behaviours) of partnership, agility and empowerment count as much as the business objectives.
Working at National Bank means having access to competitive working conditions, a wide range of employee benefits, a dynamic work environment and telemedicine services.
National Bank sees diversity as a great source of wealth and values it in all its dimensions. Its objective is to offer an open, respectful work environment where all employees can achieve their full potential. Senior management's concrete commitment helps spread this value across all sectors in the organization. The Bank has been ranked among the top employers for diversity in Canada for several years.