Security Expert - PCSIRT - SIEM
With over 30 years of recognized expertise, COFOMO is now a leading Canadian consulting firm specializing in digital and artificial intelligence. Supported by more than 3,000 experts, 10 Centers of Excellence, and 4 offices across the country, we are uniquely positioned to successfully guide our clients through their transformations. Both strategic and tactical, we help organizations across a wide range of industries thrive in today’s rapidly evolving world.
Our promise
Help our clients succeed and maximize the impact of their transformation initiatives, turning them into powerful drivers of growth and innovation.
Job description
Here is a brief overview of the tasks and responsibilities:
- Analyze and monitor security logs from multiple sources and devices;
- Develop and validate use cases related to threat detection;
- Implement and enhance threat hunting capabilities;
- Investigate security incidents, document findings, and produce reports;
- Perform threat hunting activities to identify potential threats and remediate vulnerabilities;
- Support the resolution of security incidents and respond to cybersecurity-related requests;
- Execute tasks independently while following established processes;
- Share information and collaborate with other analysts and teams;
- Apply incident management procedures to analyze and qualify security events;
- Escalate critical incidents and recommend corrective actions;
- Maintain up-to-date knowledge of technology architectures, vulnerabilities, and threats;
- Continuously improve processes, tools, and analysis methods;
- Act as a subject matter expert in a specific area of security;
- Contribute to continuous improvement of skills and analytical capabilities;
- Adhere to internal security policies and operational standards;
- Collaborate with incident response teams and international partners;
- Contribute to ad hoc project-related tasks.
The ideal profile is as follows:
- Have experience in IT security incident management at Level 3 or possess more than five (5) years of experience at Level 2;
- Master techniques used by malware and advanced threats;
- Demonstrate a strong cybersecurity mindset;
- Have knowledge of network infrastructure security, Unix and Windows environments, databases, and deployment tools;
- Be proficient in scripting languages such as Shell, Python, Java, PowerShell, Ansible, or SQL;
- Have more than five (5) years of experience with technologies such as SIEM, ELK, IDS/IPS, network and host-based firewalls, and DLP;
- Have experience with antivirus solutions, EDR, firewalls, and content filtering;
- Demonstrate skills in incident response, log analysis, and PCAP analysis;
- Understand networking fundamentals (OSI model, TCP/IP, DNS, HTTP(S), SMTP);
- Hold certifications such as GCFA, GCIH, OSCP, or equivalent (an asset).
Why choose a career at COFOMO?*
- Competitive compensation and benefits
- Wellness program
- 24/7 telemedicine access
- Support for legal, accounting, and mental health needs
- Focus on growth, development, and skills enhancement
- Personalized career plan and tailored guidance
- Hybrid work environment
- Active social club and year-round events
* Only applicable to permanent COFOMO employees.

Join our team.
Make a difference every day by taking advantage of our development programs, access to our Centers of Excellence, and a stimulating work environment.
Professional development
We invest in our talent, encourage continuous growth, and support you in every aspect of your career.
Latest technologies and best practices
Leverage your skills, knowledge, and problem-solving abilities on large-scale projects for leading clients.
Welcoming and people-focused organization
A place where you can feel at home. COFOMO is a space where you can grow, learn, create, contribute, and be recognized for your achievements.
Working at COFOMO gives you the opportunity to collaborate today on the technological projects of tomorrow — from green technology to the latest innovations in artificial intelligence and information security.
Our Values
Beyond words, COFOMO’s values guide our actions and shape our policies. Without them, we’d be just another company—and we are anything but that.
At COFOMO:
You are recognized and valued for your skills, expertise, and—most importantly—your potential. That’s how we measure value here.
We hire people based on talent. Period.
Everyone matters, everyone’s voice counts, and everyone is respected.
COFOMO values the differences that enable each of us to make meaningful and unique contributions to our success and shared culture. We foster diversity and inclusion, creating workplaces where new ideas, different experiences, and unique perspectives can be shared—often with people you might not otherwise have the opportunity to collaborate with.
MASCULINE OR FEMININE TERMS ARE USED INTERCHANGEABLY WITHOUT ANY INTENT OF DISCRIMINATION. COFOMO IS AN EMPLOYER OF CHOICE THAT PROMOTES DIVERSITY AND APPLIES FAIR EMPLOYMENT PRACTICES.
Employer of choice
COFOMO is a consulting firm specializing in digital transformation and artificial intelligence. We stand out for the digital ingenuity of our talent, our unique approach, and our values. Make an informed choice and discover what makes us