L3 SOC Analyst / Incident Responder
Job Description
Job Description
Job Description
Company Description
Act Digital is a technology consulting and expertise firm founded in 2006. Our mission is to support our clients with their technical and organizational cybersecurity challenges. Our offering is structured around the following areas of expertise:
- Security Management
- Architecture and Integration
- Audit and Penetration Testing
- Cyber Defense
We are an international group with 6,500 employees and operations in 12 countries. Our success depends on the development and fulfillment of each employee, and we place great importance on providing the best possible working conditions:
- Remote working is available for a large part of our assignments
- A Flex Office work environment available to everyone at all times to foster communication and collaboration
- Communities of experts to share and disseminate skills within the group
- Project management and local HR support
- Training and certification offered annually
- Promotion of our consultants' expertise
- Strong openness to occasional or long-term international mobility
- Intrapreneurship opportunities
act digital Canada is one of our newest subsidiaries, created in 2023. We have our offices located in downtown Montreal, directly connected to the city's metro network.
Job DescriptionWe are looking for an experienced L3 SOC Analyst / Incident Responder to join our cybersecurity team. In this role, you will be responsible for leading advanced threat detection, incident response activities, and driving the continuous improvement of our security operations. You will be a key player in protecting our clients digital assets from sophisticated cyber threats. (3 days on site, 2 day on remote)
Key Responsibilities:
Advanced Threat Detection: Monitor and analyze security events from various sources, including SIEM, EDR, NDR, firewalls, and other protection systems. Identify and respond to advanced persistent threats (APTs) and complex security incidents.
Incident Response: Lead incident response efforts, including investigation, containment, eradication, and recovery. Coordinate with other teams to manage and mitigate security incidents, ensuring minimal impact on business operations.
Forensics and Analysis: Perform in-depth forensic analysis on compromised systems, including malware analysis, network traffic analysis, and log analysis. Document findings and provide detailed incident reports.
Threat Hunting: Proactively hunt for hidden threats in the network, using threat intelligence, behavioral analysis, and anomaly detection techniques. Identify and mitigate potential security risks before they escalate.
Security Improvements: Collaborate with the SOC team to continuously improve detection capabilities, including tuning and optimizing SIEM rules, developing custom scripts, and integrating new tools and technologies.
Training and Mentorship: Provide guidance and mentorship to junior SOC analysts (L1/L2), sharing knowledge and best practices for incident response and threat detection.
Post-Incident Reporting: Prepare detailed post-incident reports that include root cause analysis, impact assessments, and recommendations for future prevention measures. Communicate findings to senior management and relevant stakeholders.
Incident Playbooks: Develop and maintain incident response playbooks, ensuring they are up-to-date and aligned with the latest threat landscape and industry best practices.
Collaboration: Work closely with other IT and security teams, including vulnerability management, IT operations, and network security, to strengthen the organization’s overall security posture.
Experience:
- 5+ years of experience in a SOC environment, with a focus on incident response and advanced threat detection.
- Proven track record of handling complex security incidents and conducting forensic investigations.
Technical Skills:
- Expertise in SIEM platforms (e.g., Splunk, QRadar), IDS/IPS, firewalls, and endpoint detection and response (EDR) tools.
- Proficiency in scripting languages (e.g., Python, PowerShell) for automation and custom detection use cases.
- Strong understanding of network protocols, malware analysis, and cybersecurity frameworks (e.g., MITRE ATT&CK, NIST).
- Experience with threat hunting techniques and tools, as well as familiarity with threat intelligence platforms.
Soft Skills:
- Excellent problem-solving skills and the ability to work under pressure during high-stress incidents.
- Strong communication skills, capable of explaining technical issues to both technical and non-technical stakeholders.
- A proactive mindset with a passion for staying current with the latest cybersecurity trends and threats.
Education:
- Bachelor’s degree in Computer Science, Information Security, or a related field is preferred.
Additional Information
3 days in the office / 2 days on remote
How to Apply
Ready to start your career as a L3 SOC Analyst / Incident Responder at act digital?
- Click the "Apply Now" button below.
- Review the safety warning in the modal.
- You will be redirected to the employer's official portal to complete your application.
- Ensure your resume and cover letter are tailored to the job description using our AI tools.
Frequently Asked Questions
Who is hiring?▼
This role is with act digital in Montréal.
Is this a remote position?▼
This appears to be an on-site role in Montréal.
What is the hiring process?▼
After you click "Apply Now", you will be redirected to the employer's official site to submit your resume. You can typically expect to hear back within 1-2 weeks if shortlisted.
How can I improve my application?▼
Tailor your resume to the specific job description. You can use our free Resume Analyzer to see how well you match the requirements.
What skills are needed?▼
Refer to the "Job Description" section above for a detailed list of required and preferred qualifications.