
Security Analyst - Tier 1

Job Type: Permanent
Location: 9131 Keele Street, Concord, ON, L4K 0G7 
Reporting to: SOC Team Lead
Start Date: ASAP

Uzado offers a simplified risk management approach to cybersecurity strategies, where we help our clients prioritize their action plan through various risk dimensions and road mapping. We provide highly detailed insights to help our clients make better business decisions.

We are looking for a self-motivated Security Analyst - Tier 1 who will perform information security event analysis and utilize vulnerability assessment software to support our clients. If you have experience working with TCP/IP networking, network attacks, attack signatures, defense countermeasures, vulnerability management, and log analysis, then we want to hear from you!

Daily Duties:

  • Monitor and analyze traffic and alerts
  • Investigate and perform in-depth analysis of exploits
  • Provide network expertise to support timely and effective decision making of when to declare an incident
  • Conduct proactive threat research
  • Review security events that are populated in a Security Information and Event Management (SIEM) system
  • Analyze a variety of network and host-based security appliance logs (Firewalls, NIDS, HIDS, Sys Logs, etc.) to determine the correct remediation actions and escalation paths for each incident
  • Independently follow procedures to contain, analyze, and eradicate malicious activity
  • Document all activities during an incident and provide leadership with status updates during the life cycle of the incident
  • Incident management, response, and reporting
  • Provide information regarding intrusion events, security incidents, and other threat indications and warning information to the client
  • Track trends, statistics, and key figures for each assigned client
  • Assist with the development of processes and procedures to improve incident response times, analysis of incidents, and overall SOC functions
  • Reporting
    • Daily shift change report
    • Incident reports
    • Security status reports

Preferred Qualifications and Skills:

  • 2-4 years of job-related experience
  • SIEM Experience
    • AlienVault/Qradar/LogRhythm
  • One or more of the following certifications: CISSP, GCIA, Security+, CEH
  • Security Operations Center knowledge
  • TCP/IP Networking
  • Familiarity with common IDS/IPS platforms (Snort, Cisco, Fortigate, Sourcefire)
  • Experience with Malware Analysis and Reverse Engineering
  • Prior SOC experience (can include internships)
  • Experience with packet analysis and packet capture tools
  • Incident handling/response experience
  • Experience with web technologies and databases

We're excited to hear what you would bring to this role and look forward to reading your application!

Send your applications to: