Hornetsecurity

Cyber Threat Analyst

Vancouver, Canada (hybrid)
Employee
IT Security

Do you enjoy solving technical problems, guiding users, and sharing your cybersecurity expertise?

Are you passionate about cyber analysis and eager to make a real impact from the very first stages of the user journey? If so, this position is for you!

We are looking for a motivated Cybersecurity Analyst who is a native English speaker to join our team and help strengthen our position as a leader in email security.

This is a full-time, permanent position based at our Vancouver, BC site.

Tasks

As part of the Vancouver TIRC (Threat and Intelligence Response Center) team, your mission is to fight threats by updating HSE security solutions.

To do so, you will mainly have to analyze threat events raised by our services:

• Qualifying these events according to the different kinds of threat: spam, scam, phishing, spear phishing, malware.

• Analyzing minor threats as well as advanced threats and providing security updates.

• Investigating threat campaigns to identify and block the elements used (IPs, domains, etc.)

• Creating and updating our detection rules (based on regular expressions) to block advanced threats predictively

• Using reporting flows and spamtraps to enhance our understanding of senders.

• Answering some direct customer requests

• Monitoring accuracy metrics and running investigations if you observe suspicious behavior

• Writing documentation and reports on ongoing threats and the techniques used

• Running investigations on a specific topic with other analyst teams (Phishing, Spambot, Scam, etc.), for which you have dedicated time

Requirements

More than skills, we are looking for a profile based on:

  • Experience as a Cybersecurity analyst (SOC experience ideal)
  • High motivation to learn
  • Demonstrated ability to perform threat analysis
  • Very logical mind (Boolean algebra)
  • An interest in data analysis (familiarity with a big data tool is an advantage)
  • Good relationship skills

The mission will start with a 3-6 month training with the rest of the team: you will learn everything from threat definition to the use of our advanced tools to block threats.

To succeed in your future missions, we need you to be curious, willing to propose initiatives, autonomous, resourceful, and rigorous.

Our activity varies with the time of year and the attacks. Consequently, we are also looking for someone with stamina who, because of our 24/7 operation, can work during some weekends and national holidays; these shifts are planned and compensated.

Good basics for learning (but not imperative)

  • Knowledge of regular expressions (POSIX regex)
  • Command of Windows & Linux environments and commands (bash, grep, ...)
  • Knowledge of HTML
  • Knowledge of SMTP protocol
  • SPF, DMARC, DKIM
  • Experience with a SIEM / ClickHouse is a plus
  • Knowledge of the email ecosystem is a plus
  • Native level proficiency in English language required

Benefits

  • Free space for innovation and autonomy in a fast-growing international company & Opportunities for personal and professional development.
  • Short decision-making processes and flat hierarchies in an open work environment.
  • Additional sick leave days and public holidays & Home-office option and flexible working hours.
  • Collective insurance plan & Be-Active Bonus – we support your health with a contribution towards your membership in fitness and sports clubs.
  • “Way to Work” goodie & Team events and regular global meetings.
  • Temporary employee exchange program – opportunity to work at our global offices and explore the world (e.g., Malta, Madrid, Berlin, Washington D.C.).
Updated: 3 hours ago
Job ID: 14875671

Hornetsecurity

501-1000 employees
Technology, Information and Internet

IT security is our business. With our Cloud Security Services we secure data and communication for tens of thousands of companies in more than 120 countries. We employ over 700 pe…
