Cybersecurity Analyst
CAA-Québec
full-time
Posted on:
Location Type: Hybrid
Location: Montréal • Canada
Visit company websiteExplore more
About the role
- Assesses, improves and maintains the company’s cybersecurity program in alignment with recognized frameworks (NIST CSF, ISO 27001, etc.)
- Develops and updates information security policies, standards, procedures and guidance
- Defines and tracks security program key performance indicators (KPIs) and produces reports for management
- Leads internal and external security audits and manages remediation plans
- Participates in the development of continuous deployment pipelines (CI/CD) to ensure security is built in by design and by default
- Designs and refines incident response, business continuity and disaster recovery plans for cybersecurity
- Organizes and directs cyber incident simulation exercises (red teaming)
- Performs regular risk analyses and vulnerability assessments
- Monitors threat intelligence and cybersecurity trends
- Acts as the primary point of contact with security solution and service vendors
- Manages contracts, service level agreements (SLAs) and evaluates vendor performance
- Coordinates deployment, configuration and optimization of security tools (SIEM, EDR, PAM, DLP, etc.)
- Evaluates new vendors and solutions according to organizational needs
- Oversees security event monitoring, alert analysis and incident response
- Assists with access, identity and privilege management (IAM/PAM)
- Contributes to security architecture reviews and the company’s technology projects
- Supports technical teams in prioritizing and remediating vulnerabilities
- Serves as the security specialist in risk modeling exercises
Requirements
- University degree in Computer Science, Information Security, Software Engineering or a related field
- Minimum of 10 years of relevant experience in cybersecurity
- Deep knowledge of security frameworks (NIST, ISO 27001/27002, CIS, MITRE ATT&CK)
- Proven experience in managing security programs and incident response
- Proficiency with security technologies: firewalls, SIEM, EDR/XDR, IAM/PAM solutions, DLP, encryption
- Strong understanding of cloud environments (Azure, AWS) and their security
- Ability to communicate effectively in French and English, both written and oral
- Analytical mindset and ability to solve complex problems
- Leadership skills with the ability to influence stakeholders
- Rigorous, autonomous and well-organized
- Ability to explain technical concepts to non-technical audiences
- Strong prioritization skills and ability to work under pressure
Benefits
- Hybrid work arrangement (2 days on-site and 3 days remote)
- Comprehensive group insurance
- Generous vacation with the option to purchase additional leave
- Retirement plan (company matches your contributions between 2% and 6%)
- Annual bonus through our shared success program
- Employee and family assistance program
- Discount on CAA-Québec membership card
- Various discounts at our travel centers, on insurance and with partner organizations
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
cybersecurityinformation securitysecurity frameworksincident responserisk analysisvulnerability assessmentcloud securityprogram managementcontinuous deployment pipelinessecurity architecture
Soft Skills
communicationanalytical mindsetleadershipproblem-solvingorganizationprioritizationinfluenceautonomytechnical explanationcollaboration