19 Cybersecurity Specialist jobs in Montréal

The CYBER SECURITY Specialist is responsible for managing processes and technologies to defend and protect BRP’s systems and information assets against cyber-attack and adversaries. This critical role requires a detailed understanding of cyber security and in-depth knowledge of Endpoint, Networking, Cloud technologies and Identity; especially in the context CSPM (cloud security posture management) of logging pipelines, observability, and detection engineering know-how to protect such assets in preparation for increasing complexity and emerging threats.
Your main tasks will be detection mechanisms that provide comprehensive coverage of know CLOUD SECURITY threats but also build custom CLOUD ASSETS based detections to tackle new threats.
YOU’LL HAVE THE OPPORTUNITY TO:

• Drive and lead deployment, ongoing orchestration and operationalization of cyber security services and products to drive implementation of new Threat Detection Controls within the framework of a threat-informed defense strategy for CLOUD ASSETS with main focus on Azure and GCP.
• Lead the design and execution of the enterprise security operations processes, procedures, and playbooks as it pertains to CSPM, CWPP, Containers.
• Manage and monitor:
  • cloud resource entitlements to reduce access risks,
  • cyber tooling output and conduct spot checks for accuracy,
  • cloud configurations to ensure compliance with security best practices (e.g., AWS, Azure, Google Cloud).
• Manage detection engineering security operations projects, including process improvement and technology investment in the CLOUD.
• Conduct research within the fields of Security Observability, Vulnerability, Cloud and Container security to develop new strategies and execute deliveries to protect against threats
• Manage technical aspects of BRP’s cyber technology providers in order to make sure BRP Cyber tech stack is providing all the necessary detective protections.
• Conduct research within the fields of Security Observability, Vulnerability, Cloud and Container security to develop new strategies and execute deliveries to protect against threats. Stay current with industry trends, emerging threats, and new technologies to ensure the effectiveness of the detection and response capabilities.
• Respond to monitoring alerts according to defined playbooks and procedures.
• Implement least-privilege access policies and ensure compliance with identity and access management (IAM) standards. Detect and remediate any identity anomalies in cloud environments.
• Implement automated tools to maintain a robust security postur
  

YOU’LL THRIVE IN THIS ROLE IF YOU HAVE THE FOLLOWING SKILLS AND QUALITIES:

• Excellent Azure Security, Microsoft CSPM, GCP skillset with hands-on experience. AWS experience is an asset. Hands-on experience with CSPM, CWP, CIEM, and CNAPP tools.
• Certifications such as AWS Certified Security - Specialty, Azure Security Engineer, or Google Professional Cloud Security Engineer. Any of GIAC range of certs
• Experience with PKI
• Experience with Modern Authentication Technologies such as OAuth2, OpenID Connect and SAML 2.0
• Experience with infrastructure as code tools, such as Hashicorp Terraform.
• Experience with CI/CD pipelines (re: automation).
• Good understanding of Identity (IAM/PAM) in the context of Cloud Security as well as on prem assets (AD, Entra ID)
• Bachelor’s degree in information technology, security, or similar computer-related field of study and 5+ years of information security experience
• Experience of Cloud security services/tools deployment and orchestration technologies
• In-depth familiarity with workflow tools and ability to develop and improve tools/processes
• Solid knowledge of incident response methodologies, best practices and routines
• Skilled at identifying various types of events and incidents and applying the right response framework for each (i.e. information mishandling, security vulnerability, system exploit, malware infection, etc.)
• Medium to advanced understanding of IOC’s, Cyber Kill Chain, MITRE ATT&CK and preventive and detective technical controls.

ACKNOWLEDGING THE POWER OF DIVERSITY

BRP is dedicated to nurturing a culture that invites, connects, and propels the ambitions of people of all backgrounds, profiles, beliefs and experiences. Ultimately, the diversity and uniqueness of our people fuel our ingenuity and set the course for the path ahead!

For this reason, we value diversity and we strive to always push each other forward to build an inclusive workplace where every employee feels like they belong, where they can grow and find meaning.

AT BRP, WHEN WE TALK ABOUT BENEFITS, WE GO ALL IN.

Let’s start with a strong foundation - You want it, we have it:

• Annual bonus based on the company’s financial results

• Generous paid time away

• Pension plan

• Collective saving opportunities

• Industry leading healthcare fully paid by BRP

What about some feel good perks:

• Flexible work schedule

• A summer schedule that varies by department and location

• Holiday season shutdown

• Educational resources

• Discount on BRP products

WELCOME TO BRP

We’re a world leader in recreational vehicles and boats, creating innovative ways to move on snow, water, asphalt, dirt and even in the air. Headquartered in the Canadian town of Valcourt, Quebec, our company is rooted in a spirit of ingenuity and intense customer focus. Today, we operate manufacturing facilities in Canada, the United States, Mexico, Finland, Australia and Austria, with a workforce made up of close to 16,500 spirited people, all driven by the deeply held belief that at work, as with life itself, it’s not about the destination: It’s about the journey.
#LI-Hybrid

The CYBER SECURITY Specialist is responsible for managing processes and technologies to defend and protect BRP’s systems and information assets against cyber-attack and adversaries. This critical role requires a detailed understanding of cyber security and in-depth knowledge of Endpoint, Networking, Cloud technologies and Identity; especially in the context CSPM (cloud security posture management) of logging pipelines, observability, and detection engineering know-how to protect such assets in preparation for increasing complexity and emerging threats.
Your main tasks will be detection mechanisms that provide comprehensive coverage of know CLOUD SECURITY threats but also build custom CLOUD ASSETS based detections to tackle new threats.
YOU’LL HAVE THE OPPORTUNITY TO:

• Drive and lead deployment, ongoing orchestration and operationalization of cyber security services and products to drive implementation of new Threat Detection Controls within the framework of a threat-informed defense strategy for CLOUD ASSETS with main focus on Azure and GCP.
• Lead the design and execution of the enterprise security operations processes, procedures, and playbooks as it pertains to CSPM, CWPP, Containers.
• Manage and monitor:
  • cloud resource entitlements to reduce access risks,
  • cyber tooling output and conduct spot checks for accuracy,
  • cloud configurations to ensure compliance with security best practices (e.g., AWS, Azure, Google Cloud).
• Manage detection engineering security operations projects, including process improvement and technology investment in the CLOUD.
• Conduct research within the fields of Security Observability, Vulnerability, Cloud and Container security to develop new strategies and execute deliveries to protect against threats
• Manage technical aspects of BRP’s cyber technology providers in order to make sure BRP Cyber tech stack is providing all the necessary detective protections.
• Conduct research within the fields of Security Observability, Vulnerability, Cloud and Container security to develop new strategies and execute deliveries to protect against threats. Stay current with industry trends, emerging threats, and new technologies to ensure the effectiveness of the detection and response capabilities.
• Respond to monitoring alerts according to defined playbooks and procedures.
• Implement least-privilege access policies and ensure compliance with identity and access management (IAM) standards. Detect and remediate any identity anomalies in cloud environments.
• Implement automated tools to maintain a robust security postur
  

YOU’LL THRIVE IN THIS ROLE IF YOU HAVE THE FOLLOWING SKILLS AND QUALITIES:

• Excellent Azure Security, Microsoft CSPM, GCP skillset with hands-on experience. AWS experience is an asset. Hands-on experience with CSPM, CWP, CIEM, and CNAPP tools.
• Certifications such as AWS Certified Security - Specialty, Azure Security Engineer, or Google Professional Cloud Security Engineer. Any of GIAC range of certs
• Experience with PKI
• Experience with Modern Authentication Technologies such as OAuth2, OpenID Connect and SAML 2.0
• Experience with infrastructure as code tools, such as Hashicorp Terraform.
• Experience with CI/CD pipelines (re: automation).
• Good understanding of Identity (IAM/PAM) in the context of Cloud Security as well as on prem assets (AD, Entra ID)
• Bachelor’s degree in information technology, security, or similar computer-related field of study and 5+ years of information security experience
• Experience of Cloud security services/tools deployment and orchestration technologies
• In-depth familiarity with workflow tools and ability to develop and improve tools/processes
• Solid knowledge of incident response methodologies, best practices and routines
• Skilled at identifying various types of events and incidents and applying the right response framework for each (i.e. information mishandling, security vulnerability, system exploit, malware infection, etc.)
• Medium to advanced understanding of IOC’s, Cyber Kill Chain, MITRE ATT&CK and preventive and detective technical controls.

ACKNOWLEDGING THE POWER OF DIVERSITY

BRP is dedicated to nurturing a culture that invites, connects, and propels the ambitions of people of all backgrounds, profiles, beliefs and experiences. Ultimately, the diversity and uniqueness of our people fuel our ingenuity and set the course for the path ahead!

For this reason, we value diversity and we strive to always push each other forward to build an inclusive workplace where every employee feels like they belong, where they can grow and find meaning.

AT BRP, WHEN WE TALK ABOUT BENEFITS, WE GO ALL IN.

Let’s start with a strong foundation - You want it, we have it:

• Annual bonus based on the company’s financial results

• Generous paid time away

• Pension plan

• Collective saving opportunities

• Industry leading healthcare fully paid by BRP

What about some feel good perks:

• Flexible work schedule

• A summer schedule that varies by department and location

• Holiday season shutdown

• Educational resources

• Discount on BRP products

WELCOME TO BRP

We’re a world leader in recreational vehicles and boats, creating innovative ways to move on snow, water, asphalt, dirt and even in the air. Headquartered in the Canadian town of Valcourt, Quebec, our company is rooted in a spirit of ingenuity and intense customer focus. Today, we operate manufacturing facilities in Canada, the United States, Mexico, Finland, Australia and Austria, with a workforce made up of close to 16,500 spirited people, all driven by the deeply held belief that at work, as with life itself, it’s not about the destination: It’s about the journey.
#LI-Hybrid

The CYBER SECURITY Specialist is responsible for managing processes and technologies to defend and protect BRP’s systems and information assets against cyber-attack and adversaries. This critical role requires a detailed understanding of cyber security and in-depth knowledge of Endpoint, Networking, Cloud technologies and Identity; especially in the context CSPM (cloud security posture management) of logging pipelines, observability, and detection engineering know-how to protect such assets in preparation for increasing complexity and emerging threats.
Your main tasks will be detection mechanisms that provide comprehensive coverage of know CLOUD SECURITY threats but also build custom CLOUD ASSETS based detections to tackle new threats.
YOU’LL HAVE THE OPPORTUNITY TO:

• Drive and lead deployment, ongoing orchestration and operationalization of cyber security services and products to drive implementation of new Threat Detection Controls within the framework of a threat-informed defense strategy for CLOUD ASSETS with main focus on Azure and GCP.
• Lead the design and execution of the enterprise security operations processes, procedures, and playbooks as it pertains to CSPM, CWPP, Containers.
• Manage and monitor:
  • cloud resource entitlements to reduce access risks,
  • cyber tooling output and conduct spot checks for accuracy,
  • cloud configurations to ensure compliance with security best practices (e.g., AWS, Azure, Google Cloud).
• Manage detection engineering security operations projects, including process improvement and technology investment in the CLOUD.
• Conduct research within the fields of Security Observability, Vulnerability, Cloud and Container security to develop new strategies and execute deliveries to protect against threats
• Manage technical aspects of BRP’s cyber technology providers in order to make sure BRP Cyber tech stack is providing all the necessary detective protections.
• Conduct research within the fields of Security Observability, Vulnerability, Cloud and Container security to develop new strategies and execute deliveries to protect against threats. Stay current with industry trends, emerging threats, and new technologies to ensure the effectiveness of the detection and response capabilities.
• Respond to monitoring alerts according to defined playbooks and procedures.
• Implement least-privilege access policies and ensure compliance with identity and access management (IAM) standards. Detect and remediate any identity anomalies in cloud environments.
• Implement automated tools to maintain a robust security postur
  

YOU’LL THRIVE IN THIS ROLE IF YOU HAVE THE FOLLOWING SKILLS AND QUALITIES:

• Excellent Azure Security, Microsoft CSPM, GCP skillset with hands-on experience. AWS experience is an asset. Hands-on experience with CSPM, CWP, CIEM, and CNAPP tools.
• Certifications such as AWS Certified Security - Specialty, Azure Security Engineer, or Google Professional Cloud Security Engineer. Any of GIAC range of certs
• Experience with PKI
• Experience with Modern Authentication Technologies such as OAuth2, OpenID Connect and SAML 2.0
• Experience with infrastructure as code tools, such as Hashicorp Terraform.
• Experience with CI/CD pipelines (re: automation).
• Good understanding of Identity (IAM/PAM) in the context of Cloud Security as well as on prem assets (AD, Entra ID)
• Bachelor’s degree in information technology, security, or similar computer-related field of study and 5+ years of information security experience
• Experience of Cloud security services/tools deployment and orchestration technologies
• In-depth familiarity with workflow tools and ability to develop and improve tools/processes
• Solid knowledge of incident response methodologies, best practices and routines
• Skilled at identifying various types of events and incidents and applying the right response framework for each (i.e. information mishandling, security vulnerability, system exploit, malware infection, etc.)
• Medium to advanced understanding of IOC’s, Cyber Kill Chain, MITRE ATT&CK and preventive and detective technical controls.

ACKNOWLEDGING THE POWER OF DIVERSITY

BRP is dedicated to nurturing a culture that invites, connects, and propels the ambitions of people of all backgrounds, profiles, beliefs and experiences. Ultimately, the diversity and uniqueness of our people fuel our ingenuity and set the course for the path ahead!

For this reason, we value diversity and we strive to always push each other forward to build an inclusive workplace where every employee feels like they belong, where they can grow and find meaning.

AT BRP, WHEN WE TALK ABOUT BENEFITS, WE GO ALL IN.

Let’s start with a strong foundation - You want it, we have it:

• Annual bonus based on the company’s financial results

• Generous paid time away

• Pension plan

• Collective saving opportunities

• Industry leading healthcare fully paid by BRP

What about some feel good perks:

• Flexible work schedule

• A summer schedule that varies by department and location

• Holiday season shutdown

• Educational resources

• Discount on BRP products

WELCOME TO BRP

We’re a world leader in recreational vehicles and boats, creating innovative ways to move on snow, water, asphalt, dirt and even in the air. Headquartered in the Canadian town of Valcourt, Quebec, our company is rooted in a spirit of ingenuity and intense customer focus. Today, we operate manufacturing facilities in Canada, the United States, Mexico, Finland, Australia and Austria, with a workforce made up of close to 16,500 spirited people, all driven by the deeply held belief that at work, as with life itself, it’s not about the destination: It’s about the journey.
#LI-Hybrid

The CYBER SECURITY Specialist is responsible for managing processes and technologies to defend and protect BRP’s systems and information assets against cyber-attack and adversaries. This critical role requires a detailed understanding of cyber security and in-depth knowledge of Endpoint, Networking, Cloud technologies and Identity; especially in the context CSPM (cloud security posture management) of logging pipelines, observability, and detection engineering know-how to protect such assets in preparation for increasing complexity and emerging threats.
Your main tasks will be detection mechanisms that provide comprehensive coverage of know CLOUD SECURITY threats but also build custom CLOUD ASSETS based detections to tackle new threats.
YOU’LL HAVE THE OPPORTUNITY TO:

• Drive and lead deployment, ongoing orchestration and operationalization of cyber security services and products to drive implementation of new Threat Detection Controls within the framework of a threat-informed defense strategy for CLOUD ASSETS with main focus on Azure and GCP.
• Lead the design and execution of the enterprise security operations processes, procedures, and playbooks as it pertains to CSPM, CWPP, Containers.
• Manage and monitor:
  • cloud resource entitlements to reduce access risks,
  • cyber tooling output and conduct spot checks for accuracy,
  • cloud configurations to ensure compliance with security best practices (e.g., AWS, Azure, Google Cloud).
• Manage detection engineering security operations projects, including process improvement and technology investment in the CLOUD.
• Conduct research within the fields of Security Observability, Vulnerability, Cloud and Container security to develop new strategies and execute deliveries to protect against threats
• Manage technical aspects of BRP’s cyber technology providers in order to make sure BRP Cyber tech stack is providing all the necessary detective protections.
• Conduct research within the fields of Security Observability, Vulnerability, Cloud and Container security to develop new strategies and execute deliveries to protect against threats. Stay current with industry trends, emerging threats, and new technologies to ensure the effectiveness of the detection and response capabilities.
• Respond to monitoring alerts according to defined playbooks and procedures.
• Implement least-privilege access policies and ensure compliance with identity and access management (IAM) standards. Detect and remediate any identity anomalies in cloud environments.
• Implement automated tools to maintain a robust security postur
  

YOU’LL THRIVE IN THIS ROLE IF YOU HAVE THE FOLLOWING SKILLS AND QUALITIES:

• Excellent Azure Security, Microsoft CSPM, GCP skillset with hands-on experience. AWS experience is an asset. Hands-on experience with CSPM, CWP, CIEM, and CNAPP tools.
• Certifications such as AWS Certified Security - Specialty, Azure Security Engineer, or Google Professional Cloud Security Engineer. Any of GIAC range of certs
• Experience with PKI
• Experience with Modern Authentication Technologies such as OAuth2, OpenID Connect and SAML 2.0
• Experience with infrastructure as code tools, such as Hashicorp Terraform.
• Experience with CI/CD pipelines (re: automation).
• Good understanding of Identity (IAM/PAM) in the context of Cloud Security as well as on prem assets (AD, Entra ID)
• Bachelor’s degree in information technology, security, or similar computer-related field of study and 5+ years of information security experience
• Experience of Cloud security services/tools deployment and orchestration technologies
• In-depth familiarity with workflow tools and ability to develop and improve tools/processes
• Solid knowledge of incident response methodologies, best practices and routines
• Skilled at identifying various types of events and incidents and applying the right response framework for each (i.e. information mishandling, security vulnerability, system exploit, malware infection, etc.)
• Medium to advanced understanding of IOC’s, Cyber Kill Chain, MITRE ATT&CK and preventive and detective technical controls.

ACKNOWLEDGING THE POWER OF DIVERSITY

BRP is dedicated to nurturing a culture that invites, connects, and propels the ambitions of people of all backgrounds, profiles, beliefs and experiences. Ultimately, the diversity and uniqueness of our people fuel our ingenuity and set the course for the path ahead!

For this reason, we value diversity and we strive to always push each other forward to build an inclusive workplace where every employee feels like they belong, where they can grow and find meaning.

AT BRP, WHEN WE TALK ABOUT BENEFITS, WE GO ALL IN.

Let’s start with a strong foundation - You want it, we have it:

• Annual bonus based on the company’s financial results

• Generous paid time away

• Pension plan

• Collective saving opportunities

• Industry leading healthcare fully paid by BRP

What about some feel good perks:

• Flexible work schedule

• A summer schedule that varies by department and location

• Holiday season shutdown

• Educational resources

• Discount on BRP products

WELCOME TO BRP

We’re a world leader in recreational vehicles and boats, creating innovative ways to move on snow, water, asphalt, dirt and even in the air. Headquartered in the Canadian town of Valcourt, Quebec, our company is rooted in a spirit of ingenuity and intense customer focus. Today, we operate manufacturing facilities in Canada, the United States, Mexico, Finland, Australia and Austria, with a workforce made up of close to 16,500 spirited people, all driven by the deeply held belief that at work, as with life itself, it’s not about the destination: It’s about the journey.
#LI-Hybrid

The CYBER SECURITY Specialist is responsible for managing processes and technologies to defend and protect BRP’s systems and information assets against cyber-attack and adversaries. This critical role requires a detailed understanding of cyber security and in-depth knowledge of Endpoint, Networking, Cloud technologies and Identity; especially in the context CSPM (cloud security posture management) of logging pipelines, observability, and detection engineering know-how to protect such assets in preparation for increasing complexity and emerging threats.

Your main tasks will be detection mechanisms that provide comprehensive coverage of know CLOUD SECURITY threats but also build custom CLOUD ASSETS based detections to tackle new threats.

YOU’LL HAVE THE OPPORTUNITY TO:

Drive and lead deployment, ongoing orchestration and operationalization of cyber security services and products to drive implementation of new Threat Detection Controls within the framework of a threat-informed defense strategy for CLOUD ASSETS with main focus on Azure and GCP.
Lead the design and execution of the enterprise security operations processes, procedures, and playbooks as it pertains to CSPM, CWPP, Containers.
Manage and monitor: cloud resource entitlements to reduce access risks,
cyber tooling output and conduct spot checks for accuracy,
cloud configurations to ensure compliance with security best practices (e.g., AWS, Azure, Google Cloud).

Manage detection engineering security operations projects, including process improvement and technology investment in the CLOUD.
Conduct research within the fields of Security Observability, Vulnerability, Cloud and Container security to develop new strategies and execute deliveries to protect against threats
Manage technical aspects of BRP’s cyber technology providers in order to make sure BRP Cyber tech stack is providing all the necessary detective protections.
Conduct research within the fields of Security Observability, Vulnerability, Cloud and Container security to develop new strategies and execute deliveries to protect against threats. Stay current with industry trends, emerging threats, and new technologies to ensure the effectiveness of the detection and response capabilities.
Respond to monitoring alerts according to defined playbooks and procedures.
Implement least-privilege access policies and ensure compliance with identity and access management (IAM) standards. Detect and remediate any identity anomalies in cloud environments.
Implement automated tools to maintain a robust security postur

YOU’LL THRIVE IN THIS ROLE IF YOU HAVE THE FOLLOWING SKILLS AND QUALITIES:
Excellent Azure Security, Microsoft CSPM, GCP skillset with hands-on experience. AWS experience is an asset. Hands-on experience with CSPM, CWP, CIEM, and CNAPP tools.
Certifications such as AWS Certified Security - Specialty, Azure Security Engineer, or Google Professional Cloud Security Engineer. Any of GIAC range of certs
Experience with PKI
Experience with Modern Authentication Technologies such as OAuth2, OpenID Connect and SAML 2.0
Experience with infrastructure as code tools, such as Hashicorp Terraform.
Experience with CI/CD pipelines (re: automation).
Good understanding of Identity (IAM/PAM) in the context of Cloud Security as well as on prem assets (AD, Entra ID)
Bachelor’s degree in information technology, security, or similar computer-related field of study and 5+ years of information security experience
Experience of Cloud security services/tools deployment and orchestration technologies
In-depth familiarity with workflow tools and ability to develop and improve tools/processes
Solid knowledge of incident response methodologies, best practices and routines
Skilled at identifying various types of events and incidents and applying the right response framework for each (i.e. information mishandling, security vulnerability, system exploit, malware infection, etc.)
Medium to advanced understanding of IOC’s, Cyber Kill Chain, MITRE ATT&CK and preventive and detective technical controls.

ACKNOWLEDGING THE POWER OF DIVERSITY
BRP is dedicated to nurturing a culture that invites, connects, and propels the ambitions of people of all backgrounds, profiles, beliefs and experiences. Ultimately, the diversity and uniqueness of our people fuel our ingenuity and set the course for the path ahead!
For this reason, we value diversity and we strive to always push each other forward to build an inclusive workplace where every employee feels like they belong, where they can grow and find meaning.

AT BRP, WHEN WE TALK ABOUT BENEFITS, WE GO ALL IN.
Let’s start with a strong foundation - You want it, we have it:
Annual bonus based on the company’s financial results

Generous paid time away

Pension plan

Collective saving opportunities

Industry leading healthcare fully paid by BRP

What about some feel good perks:
Flexible work schedule

A summer schedule that varies by department and location

Holiday season shutdown

Educational resources

Discount on BRP products

WELCOME TO BRP
We’re a world leader in recreational vehicles and boats, creating innovative ways to move on snow, water, asphalt, dirt and even in the air. Headquartered in the Canadian town of Valcourt, Quebec, our company is rooted in a spirit of ingenuity and intense customer focus. Today, we operate manufacturing facilities in Canada, the United States, Mexico, Finland, Australia and Austria, with a workforce made up of close to 16,500 spirited people, all driven by the deeply held belief that at work, as with life itself, it’s not about the destination: It’s about the journey.

#LI-Hybrid

Network Security Analyst - Palo Alto, MS AVS Cloud Migration

Competencies: Digital : Network Security Palo Alto, CNS_Network Security_Cisco Experience (Years): 6-8

Keywords: Palo Alto, Vmware

Role Description: Migration of On-Prem datacenter to Microsoft AVS Cloud. Coordination with clients Technical team Essential Skills:

1) skill and experience of migration of Palo Alto physical firewall configuration, routing configuration and other policy to virtual palo Alto firewall.

2) experience of migration of site to site VPN links from one dc to AVS cloud.

3) NSX T configuration skills including bgp routing in Azure.

4) overall VMware and Azure AVS migration skill is a plus.

5) IP design planning and deployment is a must skills.

6) IP whitelist, redesign of public IP, load balancer experience, SsL certificate migration are must Experience of Azure AVS technology.

Desirable Skills: Experience of Azure AVS technology.

Job Description

GoSecure is recognized as a leader and innovator in cybersecurity solutions. The company is the first and only to integrate an Endpoint and Network threat detection platform, Managed Detection and Response services, and Cloud/SaaS delivery. Together, these capabilities provide the most effective response to the increased sophistication of continuously evolving malware and malicious insiders that target people, processes and systems. With focus on innovation quality, integrity, and respect, GoSecure has become the trusted provider of cybersecurity products and services to organizations of all sizes, across all industries globally. To learn more, please visit:

GoSecure offers a creative and challenging work environment, a competitive benefit package, and a great atmosphere to foster career growth. Come put your career on the leading-edge and bring your talents to a much sought-after high growth opportunity in technology- GoSecure!

GoSecure is an Equal Opportunity Employer committed to hiring a diverse work team (EEO/AA).

Summary

The VMaaS Analyst is responsible for supporting the delivery and operation of Vulnerability Management as a Service. This includes identifying, analyzing, prioritizing, and reporting vulnerabilities across client environments or internal systems. The analyst ensures timely remediation and maintains compliance with relevant security frameworks. This role is critical in reducing risk exposure and enhancing the organization’s overall security posture.

Duties and responsibilities

• Operate and maintain vulnerability scanning tools (e.g., Tenable, Qualys, Rapid7, etc.)
• Perform regular vulnerability assessments across on-premise and cloud environments.
• Analyze scan results to identify false positives and prioritize true findings based on risk.
• Develop and deliver vulnerability reports and dashboards tailored to technical and non-technical audiences.
• Collaborate with system owners, IT teams, and application developers to track remediation efforts and provide guidance on fixes.
• Monitor threat intelligence and CVE feeds to stay current on emerging vulnerabilities.
• Support the tuning of scanning tools to improve detection accuracy and performance.
• Ensure service-level agreements (SLAs) for vulnerability management are met.
• Maintain documentation for processes, playbooks, and customer engagement models.
• Assist in audits and compliance efforts (e.g., PCI-DSS, ISO 27001, NIST CSF).
• Participate in incident response efforts related to newly disclosed or exploited vulnerabilities.
• Contribute to continuous improvement of the VMaaS offering.

Qualifications

• Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or related field; or equivalent work experience.
• 2+ years of experience in vulnerability management or cybersecurity operations.
• Hands-on experience with one or more vulnerability management tools (e.g., Tenable.io, Qualys, Rapid7 InsightVM).
• Solid understanding of network protocols, operating systems, and web applications.
• Familiarity with CVSS, NIST NVD, MITRE ATT&CK, and vulnerability scoring.
• Strong analytical, organizational, and problem-solving skills.
• Ability to interpret technical findings and communicate risks effectively.
• Bilingual: English and French in order to respond effectively to our customers and colleagues outside of QC.

Preferred:

• Experience with cloud platforms (AWS, Azure, GCP) and their security services.
• Knowledge of patch management and secure configuration practices.
• Certifications such as CompTIA Security+, CEH, OSCP, or GIAC GSEC/GCIH.
• Familiarity with ticketing systems (e.g., ServiceNow, Jira) and SIEM tools (e.g., Splunk).

Why come to GoSecure?

3 weeks vacation, 5 personal days

14 paid statutory Holidays

Collective insurance: health, vision, dental, disability, life, travel

Employee Assistance Program (Dialogue)

RSP and employer matching contribution

Peers recognition program and other bonuses given along the year

Company stock options

GoSecurian perks

Young and dynamic team always looking to be better

and much more!

Job Description

Summary

An intrusion tester is part of the security testing team and performs various types of security tests for clients. Tests may include wireless assessment, web application test, internal network assessment, external network assessment, phishing exercises, red team assessment, physical security assessment, code review, mobile application assessment, embedded device assessment and other types of security tests.

Duties and responsibilities

• Perform security test, in accordance to our methodology
• Report the technical findings in a report. Tester may have to present the report to clients with varying level of technical knowledge. A good capacity to explain business impact as well as technical issues is a plus.
• Act as an advisor to the client
• Answers clients’ inquiries via phone or email in a professional and timely manner;
• Stay up-to-date on information technology trends, security standards and IT security news.
• Other duties as required.

Qualifications

• 3 years of relevant experience.
• Bachelor’s degree in related field and/or equivalent education/experience.
• Knowledge of common pentesting methodologies (PTES, OSTMM), vulnerability scoring framework (CVSS, DREAD) and OWASP Top 10
• OSCP is considered an asset
• Should be eligible for Secret Clearance and not have any criminal records.
• Excellent written and verbal communication skills
• Energetic and positive attitude
• Exceptional ability to multitask and meet deadline
• Bilingual (English/French) is a big plus

Job Description

Summary

The VMaaS Analyst is responsible for supporting the delivery and operation of Vulnerability Management as a Service. This includes identifying, analyzing, prioritizing, and reporting vulnerabilities across client environments or internal systems. The analyst ensures timely remediation and maintains compliance with relevant security frameworks. This role is critical in reducing risk exposure and enhancing the organization’s overall security posture.

Duties and responsibilities

• Operate and maintain vulnerability scanning tools (e.g., Tenable, Qualys, Rapid7, etc.)
• Perform regular vulnerability assessments across on-premise and cloud environments.
• Analyze scan results to identify false positives and prioritize true findings based on risk.
• Develop and deliver vulnerability reports and dashboards tailored to technical and non-technical audiences.
• Collaborate with system owners, IT teams, and application developers to track remediation efforts and provide guidance on fixes.
• Monitor threat intelligence and CVE feeds to stay current on emerging vulnerabilities.
• Support the tuning of scanning tools to improve detection accuracy and performance.
• Ensure service-level agreements (SLAs) for vulnerability management are met.
• Maintain documentation for processes, playbooks, and customer engagement models.
• Assist in audits and compliance efforts (e.g., PCI-DSS, ISO 27001, NIST CSF).
• Participate in incident response efforts related to newly disclosed or exploited vulnerabilities.
• Contribute to continuous improvement of the VMaaS offering.

Qualifications

• Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or related field; or equivalent work experience.
• 2+ years of experience in vulnerability management or cybersecurity operations.
• Hands-on experience with one or more vulnerability management tools (e.g., Tenable.io, Qualys, Rapid7 InsightVM).
• Solid understanding of network protocols, operating systems, and web applications.
• Familiarity with CVSS, NIST NVD, MITRE ATT&CK, and vulnerability scoring.
• Strong analytical, organizational, and problem-solving skills.
• Ability to interpret technical findings and communicate risks effectively.
• Bilingual: English and French in order to respond effectively to our customers and colleagues outside of QC.

Preferred:

• Experience with cloud platforms (AWS, Azure, GCP) and their security services.
• Knowledge of patch management and secure configuration practices.
• Certifications such as CompTIA Security+, CEH, OSCP, or GIAC GSEC/GCIH.
• Familiarity with ticketing systems (e.g., ServiceNow, Jira) and SIEM tools (e.g., Splunk).

Why come to GoSecure?

3 weeks vacation, 5 personal days

14 paid statutory Holidays

Collective insurance: health, vision, dental, disability, life, travel

Employee Assistance Program (Dialogue)

RSP and employer matching contribution

Peers recognition program and other bonuses given along the year

Company stock options

GoSecurian perks

Young and dynamic team always looking to be better

and much more!