Security Analyst - Tier 1

Job Type: Permanent
Location: 9131 Keele Street, Concord, ON, L4K 0G7 
Reporting to: SOC Team Lead
Start Date: ASAP

Uzado offers a simplified risk management approach to cybersecurity strategies, where we help our clients prioritize their action plan through various risk dimensions and road mapping. We provide highly detailed insights to help our clients make better business decisions.

We are looking for a self-motivated Security Analyst- Tier 1 whowill perform information security event analysis and utilize vulnerability assessment software to support our clients. If you have experience working with TCP/IP networking, network attacks, attack signatures, defense countermeasures, vulnerability management, and log analysis than we want to hear from you!

  • Monitor and analyze traffic and alerts
  • Investigate and perform in-depth analysis of exploits
  • Provide network expertise to support timely and effective decision making of when to declare an incident
  • Conduct proactive threat research
  • Review security events that are populated in a Security Information and Event Management (SIEM) system
  • Analyze a variety of network and host-based security appliance logs (Firewalls, NIDS, HIDS, Sys Logs, etc.) to determine the correct remediation actions and escalation paths for each incident
  • Independently follow procedures to contain analyze and eradicate malicious activity
  • Document all activities during an incident and provide leadership with status updates during the life cycle of the incident
  • Incident management, response, and reporting
  • Provide information regarding intrusion events, security incidents, and other threat indications and warning information to the client
  • Track trends, statistics, and key figured for each assigned client
  • Assist with the development of processes and procedures to improve incident response times, analysis of incident, and overall SOC functions
  • Reporting
  • Daily Shift change report
  • Incident reports
  • Security status reports
Skills, Experience & Qualifications:
  • Customer-oriented, flexible and demonstrated tendency to go above and beyond
  • Ability to communicate efficiently with clients and internal team members at all levels and across functional and organizational boundaries.
  • Organizational skills and time management/ prioritization.
  • Comfortable working against deadlines in a fast-paced environment.
  • 2-4 years of job-related experience
  • SIEM Experience
    • AlienVault/Qradar/LogRhythm
  • One or more of the following certifications: CISSP, GCIA, Security+, CEH
  • Security Operations Center knowledge
  • TCP/IP Networking
  • Familiarity with common IDS/IPS and Firewalls  (Snort, Cisco, Fortigate, Sourcefire)
  • Experience with Malware Analysis and Reverse Engineering
  • Prior SOC experience (can include internships)
  • Experience with packet analysis and packet capture tools
  • Incident handling/response experience

We’re excited to hear what you would bring to this role and look forward to reading your application!

Send your applications to: