Job Closed
This listing is no longer active.
Production Security Specialist
Location
Canada
Posted
32 days ago
Salary
0
Seniority
Mid Level
Job Description
Production Security Specialist
Wepoint
Role Description Le(la) Spécialiste Sécurité de Production – Équipe Purple fournit une expertise en cybersécurité au Centre des opérations de sécurité (SOC) 24/7. L’objectif principal du poste est de : - Développer, mettre en œuvre et améliorer en continu les cas d’usage de sécurité et les règles de corrélation; - Détecter, prévenir et répondre aux cybermenaces visant les infrastructures du groupe; - Apporter un soutien critique au programme global de cybersécurité via des partenariats internes et externes. Le poste implique également : - Participation au Threat Hunting; - Contribution aux enquêtes de cybersécurité; - Renforcement des capacités SOC en tant que première ligne de défense. Responsibilities - Analyser et assurer le suivi des logs de sécurité provenant de multiples systèmes; - Développer et valider des cas d’usage de sécurité; - Concevoir et faire évoluer les capacités de Threat Hunting; - Investiguer, documenter et rapporter les incidents de sécurité et tendances émergentes; - Identifier des adversaires potentiels via des activités de chasse aux menaces; - Participer à des exercices avec les équipes Purple pour détecter et corriger les écarts; - Fournir du support et répondre à toute question liée à la sécurité; - Travailler de manière autonome avec supervision limitée; - Collaborer avec d’autres analystes et équipes; - Appliquer les procédures d’incident et effectuer le triage (analyse, validation, mitigation); - Escalader les incidents critiques vers les niveaux supérieurs; - Proposer des améliorations opérationnelles; - Maintenir une connaissance des architectures, outils et menaces; - Améliorer en continu les services : correction des lacunes, tuning des faux positifs, recommandations de nouveaux cas d’usage ou contre-mesures. Complementary Responsibilities - Agir comme expert (SME) dans au moins un domaine de cybersécurité (ex : malware, scripting); - Maintenir une veille technologique et améliorer ses compétences; - Respecter les politiques internes et normes de sécurité; - Collaborer avec les équipes de sécurité globales (EMEA, APAC, AMER); - Participer ponctuellement à des projets. Qualifications - Minimum 5 ans d’expérience (niveau 2) en gestion des incidents de sécurité IT; - Solide culture cybersécurité; - Connaissance des environnements : réseaux, infrastructures, UNIX / Windows, bases de données, outils de déploiement; - Bonne maîtrise des outils de sécurité : SIEM, EDR, IDS/IPS, pare-feux réseau et hôtes, DLP; - Connaissance approfondie : analyse de logs, réponse aux incidents, analyse des causes; - Compétences techniques : scripting (Shell, Python, PowerShell, Java, SQL, Ansible); - Bonne compréhension : réseaux (OSI, TCP/IP, DNS, HTTP/HTTPS, SMTP), méthodes d’attaque (phishing, scans, web attacks, DDoS, mouvements latéraux); - Certifications (atout) : GCFA, GCIH, OSCP ou équivalent. Benefits - Minimum of 3 weeks of vacation starting from the first year; - Comprehensive group insurance with a generous employer contribution; - Employer contribution to a group RRSP; - Full remote work flexibility: Hybrid, Remote, or On-site; - A warm, bright, and welcoming office offering fresh fruit, coffee, beverages, occasional meals, etc.; - Annual IT equipment budget; - A balanced work environment with flexible working hours; - Career development: training and certifications, online or in-person learning, Wepoint Academy, etc.; - An international community of experts ready to share their knowledge; - A company culture focused on individuals’ needs and their belonging to a strong community.
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
Account Executive, Data Security – Majors
ZscalerZscaler helps leading organizations in 180+ countries securely transform their networks and applications for a mobile and cloud-first world. Founded in 2008, th
• Serve as the primary specialist for customers, partners, and internal teams to drive revenue growth across the data security product portfolio • Partner with domain-expert solution engineers to capture customer requirements and craft compelling value propositions that close complex business deals • Own the regional quota and territory achievement by building and implementing account-based strategies to land and expand data security solutions • Collaborate synergistically with primary sales teams and leadership to ensure a unified and effective Zscaler presence in the market • Engage stakeholders across the organization, selling effectively to both C-suite executives and technical practitioners
• Monitor and triage security alerts from SIEM, EDR, and other tools; escalate and respond as needed. • Investigate security incidents, determine root cause, document findings, and develop IOCs to prevent recurrence. • Support escalations from internal employees or customers with security-related concerns. • Assist with security reviews related to infrastructure and system changes. • Build, enhance, and maintain internal security tooling and scripting repositories. • Contribute to the development of detection content, alert tuning, and automation pipelines. • Drive annual security team goals and cross-functional initiatives. • Author and maintain clear, actionable documentation and knowledge bases. • Mentor junior team members and share expertise across the organization. • Participate in a rotating on-call schedule for security operations support.
• Design and implement security solutions to enable customers to securely deploy and govern Claude Enterprise • Assess existing security, identity, data, cloud and SaaS architectures and advise on best-in-class solutions for securing enterprise AI tooling across customers in a wide range of industries • Conduct comprehensive evaluations of AI tools (e.g. Claude, Claude Enterprise), platform configurations, data access patterns, connector usage, security controls, processes and personnel to deliver informed recommendations leveraging your expertise in security engineering and AI governance • Design and implement security controls for enterprise AI platforms, including SSO, SCIM, RBAC, MFA, conditional access, admin roles, user lifecycle management, retention policies, audit logging, workspace controls, DLP, and acceptable-use enforcement • Assess and govern AI platform features such as file uploads, custom assistants, projects, GPTs, connectors, browsing, code execution, data analysis, plugins, agents, API access, and external sharing • Review and secure AI integrations with enterprise repositories and collaboration platforms, including Google Drive, SharePoint, OneDrive, Slack, Teams, GitHub, GitLab, Jira, Confluence, Salesforce, Snowflake, Databricks, and BI platforms • Manage and lead end-to-end AI Security Implementation efforts as part of a project team; including activities such as identity integration, access control design, data protection controls, AI platform configurations, connector governance, monitoring / logging and incident response workflows
Developer Intern, Data Security
1PasswordProductive businesses use 1Password to secure employees at scale.
• Be partially responsible for the underlying cryptography across our products. • Help build cryptographic libraries and implement the latest algorithms directly into our client applications with security, performance and usability in mind. • Develop proof-of-concepts and implement new industry specifications into code. • Conduct code and design reviews to ensure good cryptographic hygiene and standards across our codebase.



