Cybersecurity Analyst Role The Cybersecurity Analyst plays a vital role in protecting the digital future of Kruger Inc. and ensuring the resilience of our operations. They are responsible for managing security incidents, monitoring cybersecurity events, responding to security requests, and continuously improving operational security processes and playbooks. This role requires expertise in preventing, detecting, and responding to cybersecurity threats while maintaining the integrity of our IT environment. Main Responsibilities - Security Incident and Service Request Management: - Identify, analyze, and respond to cybersecurity incidents and service requests. - Conduct in-depth technical investigations to assess the impact and origin of incidents. - Document incidents and produce post-mortem reports with recommendations. - Coordinate incident response activities with internal teams and third-party vendors. - Monitoring and Event Analysis: - Oversee security monitoring and detection tools (SIEM, EDR, data etc.). - Analyze logs and alerts to detect suspicious behaviors or anomalies. - Prioritize and escalate critical identified threats. - Contribute to the development of use cases and detection rules. - Operational Processes and Playbooks Optimization: - Define and update operational procedures related to cybersecurity. - Ensure processes comply with standards and regulations (ISO 27001, NIST, etc.). - Participate in simulation exercises and incident response plan testing. - Contribute to raising awareness and training teams on cybersecurity best practices. - Transversal Contributions: - Develop and improve a security control assessment framework based on industry standards to evaluate program efficiency. - Provide input on vendor security assessments, attestations, audits, risk assessments, and testing. - Offer security recommendations for major technology and business-driven projects. - Continuously improve the organization's security awareness and education program. - Maintain and update security policies, procedures, baselines, guidelines, and control standards. - Provide after-hours support for critical and high-risk security incidents. Requirements - Academic Background: - Bachelor's degree in computer science or equivalent. - Industry certifications such as CompTIA Security+, CISSP, or GIAC are an asset. - Experience: - 5 years of experience related to the field of cybersecurity. - Skills and Abilities: - Technical Skills: - Good knowledge in security monitoring and analysis tools (SIEM, antivirus, firewall, etc.). - Knowledge of network protocols, operating systems (Windows, Linux), and common applications. - Skills in digital investigation and memory analysis. - Understanding of attack techniques (phishing, malware, DDoS, etc.) and associated defense methods. - Knowledge in asset classification and risk management frameworks. - Non-Technical Skills: - Requires strong customer focus, organizational skills, ethics, and adaptability to change. - Result-oriented with a commitment to team success. - Good communication skills with technical stakeholders and comfortable with non-technical stakeholders. - Analytical and problem-solving mindset. - Ability to work under pressure during critical incidents. - Team player and ability to collaborate with multidisciplinary teams. - Languages: - Fluent in English (written and spoken), able to read and write technical documentation for all domains related to system administration, able to communicate professionally with technical and non-technical in both English to enable daily operations and remote support. - French written and spoken is an asset. Seniority Level - Associate Employment Type - Full-time Job Function - Information Technology and Analyst - Industries: Paper and Forest Product Manufacturing, Technology, Information and Media, and Manufacturing