Role Description The L3 Production Cybersecurity Analyst position will provide security expertise to the 24/7 Security Operations Center (SOC). The main objective of this position is to contribute to the coordination and reporting of cyber incidents affecting the bank's critical assets by detecting, preventing, and responding to cyber threats targeting our group's infrastructure. This role provides essential support to the company-wide cybersecurity program through regional partnerships with our various business lines and, externally, with our customers, partners, and regulators. As a Cybersecurity Analyst, you are not only responsible for real-time monitoring, analysis, and resolution of identified security incidents, but also for the development and continuous improvement of the capabilities of the 24/7 SOC, the first line of defense for identifying potential information security incidents. Responsibilities - Provide analysis and monitoring of security log trends from numerous heterogeneous security devices; - Be responsible for the development and validation of use cases; - Provide incident response (IR) support or escalate when analysis confirms an actionable incident; - Provide threat and vulnerability analysis and security consulting services; - Develop a threat hunting program and capabilities; - Analyze and respond to previously undisclosed software and hardware vulnerabilities; - Investigate, document, and report on information security issues and emerging trends; - Conduct threat hunting activities to identify potential adversaries present in the network; - Perform analysis on compromised systems to identify the extent and nature of the compromise and provide remediation recommendations; - Provide support and/or conduct research for any security-related questions or incidents; - Perform tasks independently with a certain level of supervision; - Integrate and share information with other analysts and teams; - Monitor internal bank sources that may indicate security incidents, health alerts from monitored solutions, and requests for information; - Follow incident-specific procedures to triage potential incidents, validate and determine necessary mitigation measures, and keep these procedures up to date; - Escalate potential security incidents to Level IV engineers, implement countermeasures where appropriate, and recommend operational improvements; - Maintain accurate incident notes in the case management system; - Maintain in-depth knowledge of the bank's technology architecture, known weaknesses, and recent incidents; - Continuously improve the service by identifying and correcting gaps, adjusting false positives, and recommending new tools; - Serve as a recognized expert in at least one security-related field; - Actively seek professional development through continuous learning; - Comply with internal operational security rules and other policies; - Carry out small ad hoc tasks/projects that may be assigned to you. Qualifications - Knowledge or 3-5 years of experience with the following technologies: SIEM, ELK, IDS/IPS, network and host firewalls, data leak prevention (DLP); - Direct experience with antivirus software, endpoint detection and response (EDR) solutions, firewalls, and content filtering; - Demonstrable experience or knowledge in incident response, log analysis, and PCAP file analysis; - Good knowledge of network fundamentals, e.g., OSI model, TCP/IP, DNS, HTTP(S), SMTP; - Good understanding of threat actors' methods of attack against a network; - Knowledge of Windows and/or Linux operating systems and investigation methods; - Motivation to learn and contribute to the team's ongoing development; - Recommended certifications: GCFA, GCIH, OSCP, or equivalent; - Excellent communication skills in English are required. Requirements - Only candidates legally authorized to work for any employer in Canada will be considered. Benefits - Minimum of 3 weeks of vacation starting from the first year; - Comprehensive group insurance with a generous employer contribution; - Employer contribution to a group RRSP; - Full remote work flexibility: Hybrid, Remote, or On-site; - A warm, bright, and welcoming office offering fresh fruit, coffee, beverages, occasional meals, etc.; - Annual IT equipment budget; - A balanced work environment with flexible working hours; - Career development: training and certifications, online or in-person learning, Wepoint Academy, etc.; - An international community of experts ready to share their knowledge; - A company culture focused on individuals’ needs and their belonging to a strong community.

Role Description The L3 Production Cybersecurity Analyst position will provide security expertise to the 24/7 Security Operations Center (SOC). The main objective of this position is to contribute to the coordination and reporting of cyber incidents affecting the bank's critical assets by detecting, preventing, and responding to cyber threats targeting our group's infrastructure. This role provides essential support to the company-wide cybersecurity program through regional partnerships with our various business lines and, externally, with our customers, partners, and regulators. As a Cybersecurity Analyst, you are not only responsible for real-time monitoring, analysis, and resolution of identified security incidents, but also for the development and continuous improvement of the capabilities of the 24/7 SOC, the first line of defense for identifying potential information security incidents. Responsibilities - Provide analysis and monitoring of security log trends from numerous heterogeneous security devices. - Be responsible for the development and validation of use cases. - Provide incident response (IR) support or escalate when analysis confirms an actionable incident. - Provide threat and vulnerability analysis and security consulting services. - Develop a threat hunting program and capabilities. - Analyze and respond to previously undisclosed software and hardware vulnerabilities. - Investigate, document, and report on information security issues and emerging trends. - Conduct threat hunting activities to identify potential adversaries present in the network. - Perform analysis on compromised systems to identify the extent and nature of the compromise and provide remediation recommendations. - Provide support and/or conduct research for any security-related questions or incidents. - Perform tasks independently with a certain level of supervision. - Integrate and share information with other analysts and teams. - Monitor internal bank sources that may indicate security incidents, health alerts from monitored solutions, and requests for information. - Follow incident-specific procedures to triage potential incidents, validate and determine necessary mitigation measures, and keep these procedures up to date. - Escalate potential security incidents to Level IV engineers, implement countermeasures where appropriate, and recommend operational improvements. - Maintain accurate incident notes in the case management system. - Maintain in-depth knowledge of the bank's technology architecture, known weaknesses, and recent incidents. - Continuously improve the service by identifying and correcting gaps, adjusting false positives, and recommending new tools or scripts. - Serve as a recognized expert in at least one security-related field. - Actively seek professional development through continuous learning and aim to progress to the Analyst IV level. - Comply with internal operational security rules and other policies. - Carry out small ad hoc tasks/projects that may be assigned to you. Qualifications - Knowledge or 3-5 years of experience with the following technologies: SIEM, ELK, IDS/IPS, network and host firewalls, data leak prevention (DLP). - Direct experience with antivirus software, endpoint detection and response (EDR) solutions, firewalls, and content filtering. - Demonstrable experience or knowledge in incident response, log analysis, and PCAP file analysis. - Good knowledge of network fundamentals, e.g., OSI model, TCP/IP, DNS, HTTP(S), SMTP. - Good understanding of threat actors' methods of attack against a network: phishing, port scans, web application attacks, DDoS, lateral movement. - Knowledge of Windows and/or Linux operating systems and investigation methods to detect signs of compromise. - Motivation to learn and contribute to the team's ongoing development. - Recommended certifications: GCFA, GCIH, OSCP, or equivalent. - Excellent communication skills in English are required as the position involves communicating with stakeholders outside Quebec. - Only candidates legally authorized to work for any employer in Canada will be considered. Benefits - Minimum of 3 weeks of vacation starting from the first year. - Comprehensive group insurance with a generous employer contribution. - Employer contribution to a group RRSP. - Full remote work flexibility: Hybrid, Remote, or On-site. - A warm, bright, and welcoming office offering fresh fruit, coffee, beverages, occasional meals, etc. - Annual IT equipment budget. - A balanced work environment with flexible working hours. - Career development: training and certifications, online or in-person learning, Wepoint Academy, etc. - An international community of experts ready to share their knowledge. - A company culture focused on individuals’ needs and their belonging to a strong community.

• Perform hands-on Application Security assessments including Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Software Composition Analysis (SCA), and manual code reviews. • Identify, analyze, and remediate vulnerabilities in web, mobile, and API applications (OWASP Top 10, API Security, etc.). • Lead and support Software Supply Chain Security initiatives: Dependency vulnerability management, SBOM (Software Bill of Materials) generation and analysis. • Conduct threat modeling for applications and integration points. • Review and secure build pipelines, container images, and third-party libraries. • Work closely with development, DevOps, and infrastructure teams to embed security into the SDLC. • Monitor and triage security findings from various AppSec tools. • Support Cloud Security posture reviews (basic knowledge required) – IAM, network security, and cloud misconfigurations. • Prepare clear security reports, risk assessments, and remediation guidance for stakeholders. • Stay updated with emerging threats in application security and software supply chain attacks (e.g., SolarWinds, Log4j, dependency confusion).

• In this role you’ll lead the design, architecture, and implementation of enterprise security systems across on-prem and Azure environments • In this role you’ll drive strategic security initiatives and advise leadership on risks, threats, and security posture • In this role you’ll direct complex investigations and incident response efforts, serving as an escalation point for critical security events • In this role you’ll architect, deploy, and manage advanced security tools including Azure-native platforms such as Defender for Cloud and Sentinel • In this role you’ll monitor, detect, and respond to threats across network, endpoint, and cloud environments using automated and manual methods • In this role you’ll perform risk assessments, security testing, and control validations to ensure safeguards are effective and compliant • In this role you’ll partner with business and IT teams to implement secure solutions and enforce access controls and policies • In this role you’ll maintain thorough documentation, reporting, and threat intelligence to support audits, compliance, and continuous improvement