IT Security and Compliance Analyst

Company Description

Alter Solutions is a leading consultancy specializing in IT and cybersecurity services. With an international presence, , with a team of 950 employees all over the world, we partner with clients to deliver innovative and effective solutions.

Our services are structured around the following areas of expertise:

• Security Management
• Architecture and Integration
• Audit and Penetration Testing
• Cyber Defense

Our success is driven by the development and fulfillment of each team member, and we place great importance on providing the best possible working conditions:

• Remote work available for a majority of our projects
• A Flex Office work environment available to everyone at all times to promote communication and collaboration
• Expert communities to share and disseminate skills within the group
• Close project management and HR support
• Annual training and certification opportunities
• Recognition of our consultants' expertise development
• Strong openness to short-term or long-term international mobility

We are currently seeking a skilled IT Security and Compliance Analyst to work on an international project within a prominent organization. This role is a consultant position requiring autonomy, technical expertise, and the ability to thrive in a dynamic, multicultural environment.

Job Description

As an IT Security and Compliance Analyst, you will play a pivotal role in ensuring the security and compliance of our client’s information systems. Operating within an international context, you will support risk assessments, monitor security events, manage incidents, and drive compliance initiatives. You will also collaborate with cybersecurity teams across multiple regions to align global efforts.

Key Responsibilities:

1. Security Monitoring and Incident Management:

   • Proactively monitor security alerts to identify and respond to potential threats.
   • Investigate security incidents, analyze root causes, and drive effective resolution.
   • Act as tier-two support for issues related to security controls.

2. Vulnerability and Risk Assessment:

   • Consolidate and report on vulnerabilities to ensure timely remediation.
   • Evaluate security risks for ongoing projects, identifying vulnerabilities and recommending mitigation strategies.

3. Security Awareness and Training:

   • Develop and deliver engaging security awareness training materials.
   • Lead phishing simulation campaigns, analyze results, and enhance organizational resilience.

4. Process Development and Documentation:

   • Create and maintain comprehensive security processes and procedures to guide operational teams.

Technical Environment:

• Windows 10/11/2016+
• Azure, Office 365, Defender, Purview
• ProofPoint (POD, EFD, TAP, TRAP, SER, PSAT)
• Varonis
• Qualys
• SentinelOne
• ElasticSearch/QRadar

Qualifications

Education & Certifications:

• Bachelor's degree in Computer Science, Information Security, or a related field.
• Relevant certifications such as CISSP, CISM, CEH, or equivalent are highly valued.

Technical Expertise:

• Strong experience with security monitoring tools and platforms (e.g., SIEM, EDR).
• Proficiency with tools in the technical environment, including Azure, Office 365 Defender, ProofPoint, Varonis, Qualys, SentinelOne, and ElasticSearch/QRadar.
• Knowledge of Windows operating systems (10/11/2016+) and their security implications.
• Experience with cloud security and compliance frameworks (e.g., CSA, ISO 27001, NIST CSF).
• Ability to assess and mitigate vulnerabilities, including experience with vulnerability management tools.

Experience:

• Minimum of 5 years in IT security roles, with experience in both technical and compliance aspects.
• Hands-on experience in security incident investigation and root cause analysis.
• Background in developing and delivering security awareness initiatives, including phishing simulation campaigns.
• Prior experience in global or multinational environments is a plus.

Soft Skills:

• Strong problem-solving and analytical thinking abilities.
• Excellent written and verbal communication skills, with the ability to convey complex security concepts to non-technical stakeholders.
• Highly organized, detail-oriented, and capable of managing multiple priorities.
• Strong interpersonal skills to collaborate effectively with cross-functional and international teams.

Language & Travel Requirements:

• Fluency in English is mandatory; proficiency in French is a plus.
• Must be authorized to travel to the United States and Canada, as occasional travel to Seattle and Montréal is required.