Role Summary:
As a Security Analyst for the Cyber Defense Centre (CDC), you are a member of a team that manages IT security on behalf of customers to reduce the impact of security incidents and system compromises. This team provides security monitoring, event investigation and analysis, and countermeasure proposals as part of the team responsible for the 24×7 Security Event Management Service.
Key Responsibilities:
Event Detection
- Following an established, documented process for event detection including but not limited to:
- Receipt of Security Alerts from monitored devices and associated technology.
- Acknowledgment of receipt of the event.
- Opening new service desk tickets or updating existing tickets to track event handling through its lifecycle to resolution and closure.
- Assignment of the event ticket to the appropriate owner.
Event Filtering
- Follow established processes for the identification of events that require filtering.
- Documenting requests for event filtering in the service desk ticket.
- Assignment of the event ticket to the appropriately defined resource.
- If a client requests to filter specific event types, follow the established process for completing that request.
Event Investigation
- Follow an established process to collect relevant data and perform the necessary analysis.
- Determine relationships between the event, client services, technologies, and previous tickets.
- Determine whether the relationships warrant an increase in severity and subsequent reprioritization in escalation.
- Document your findings in the service desk ticket as they are discovered.
Event Escalation
- Follow an established process for transmitting event investigation data to the appropriate point of contact, whether that point of contact is an external client or an internal resource.
- Report on recurring problems and issues discovered during your duties.
- Provide action plans detailing specifics of:
- What the event indicates (Event Description).
- Why it matters to the client (what the potential risks to the business are).
- What actions the client can take to remediate the current event and prevent future instances of it.
Event Closure
- Follow established processes to ensure that resolution criteria are met before closing tickets.
Qualifications:
- Linux
- Windows Server Operating Systems
- Layer 2 and Layer 3 OSI model expertise
- Switches/Routers/Firewalls, including vendor technical certifications for the major vendors
- Network/System Intrusion Detection or Prevention Systems
- Understanding of basic security concepts: Principle of Least Access, Compartmentalization, etc.
- Asset Management
- Security threat and attack countermeasures
- Ability to conduct in-depth forensic analytical studies and investigations
- Ability to earn the Security+ certification within three months of hire if not already completed
- 1 to 2 years of work experience in a Cyber Defense Centre (CDC) environment.
- Excellent written and verbal communication skills.
- Strong troubleshooting and problem-solving skills.
- Team player with the ability to work autonomously.
- Ability to prioritize and reprioritize work as required.
Benefits of working at Infostream:
- We believe in innovation and vibrant culture – work for an innovative, people-first, Digital Transformation Solutions company that values entrepreneurialism
- Pay for Performance – excellent base salary and extensive performance bonuses.
- We believe in a flexible work structure – A flexible hybrid work model that empowers you to do your best at home or the office.
- We care about your rewards – Competitive compensation, including equity programs.
- We care about your health – comprehensive group health and dental benefits and life insurance, including a Lifestyle Spending Account for all your wellness needs.
- We care about your rest – a flexible paid-time-off policy with unlimited vacation days and flexible sick and mental health days.
- We care about your development – industry training and certifications are constant.
- We care about labs – intensive labs to sandbox and to train with peers and vendors.
- Dental care
- Employee assistance program
- Extended health care
- RRSP match
- Vision care