Security Analyst – Security Operations Center (SOC)
Full-time - REF19220D
As a security analyst, you’ll be joining the Security & Risk Management Team – SRM, which is a global security team. You will be acting as a key member of the Threat Management team within the Security Operations Center (SOC). Its scope covers different aspects of active and passive threat protection/detection. As part of the blue team, we respond to critical cybersecurity incidents and develop automation to optimize our workflows.
You will provide feedback on detections to the team, tune alerts and assist with designing new detections. You will also support threat hunting efforts and detect undiscovered malicious behaviors.
- Review & respond to alerts in tools such as SIEM, EDR/XDR, IDS;
- Triage alerts and escalate confirmed detections to the Incident Response team;
- Assist the Incident Response team with remediation efforts on confirmed cyber security incidents;
- Threat hunt actively through SIEM and log data;
- Correlate data across information sources and recognize notable patterns;
- Define, develop and maintain the policies related to threat detection;
- Clearly communicate & document threat findings to the appropriate teams.
For additional information, our team uses Splunk, CrowdStrike, ServiceNow and Microsoft 365. We use TheHive project for incident response and automation.
- Previous experience in a security position is a must;
- Experience in developing operational processes and technical documentation;
- Experience with threat hunting, digital forensics, incident response or malware analysis;
- Knowledge of SIEMs, Enterprise Security Tools, AV, Cloud Security, Microsoft and Linux OS technologies;
- Knowledge of threat actor TTPs and typical attack methods, such as those described in MITRE ATT&CK;
- Demonstrated motivation through your involvement in the security community, such as personal projects, CTFs and keeping up to date on security trends;
- Bilingualism in French and English, both spoken and written, is required.
Just a heads up: If you require a work permit, your eligibility may depend on your education and years of relevant work experience, as required by the government.
Skills and competencies show up in different forms and can be based on different experiences. That's why we strongly encourage you to apply even if you do not meet all the requirements listed above.
At Ubisoft, you can come as you are. We embrace diversity in all its forms. We’re committed to fostering a work environment that is inclusive and respectful of all differences.