Job Description
Role: Cybersecurity Operations Analyst
Permanent
Location: Vancouver, hybrid
On behalf of one of our clients, we are seeking a Cybersecurity Operations Analyst. Using leading edge cybersecurity systems, the client’s Cybersecurity team is accountable for the protection of the company’s IT assets; the detection, response, and management of cybersecurity incidents; and the operation and support of a diverse range of cybersecurity systems across an agile and complex IT environment.
Accountabilities:
As part of the Cybersecurity Operations team, you will play a key role in the delivery of enterprise operational security services, including the collection of cyber-threat intelligence, security vulnerability management, scanning, logging, monitoring, event collection and correlation, and collecting and reporting on operational metrics. Areas of responsibility are noted below:
- Lead/assist in optimizing and improving Security Operations processes.
- Support the org's cybersecurity toolset, which includes, but is not limited to, the following technologies: firewalls, endpoint detection and response, SIEM, PAM, vulnerability scanners, EPM, MFA, network detection and response, email security, and security training platforms.
- Validate and review configuration changes made to the cybersecurity toolset.
- Anticipate security breaches and remain up to date on intelligence, including hackers' methodologies; maintain a high degree of knowledge by tracking trends and best practices.
- Perform or assist with vulnerability assessments and recommend remedial actions.
- Develop and deploy security monitoring use cases.
- Triage and analyze security events and incidents to determine the root cause and apply the appropriate mitigation measure.
- Perform incident analysis by correlating data from various sources and determining if a critical system or data set has been impacted.
- Monitor external events and security logs to identify new threats, vulnerabilities, and incidents.
- Propose and collect KPIs and create meaningful daily, weekly, and monthly operational reports.
- Mentor and provide guidance to other cybersecurity operational analysts in the team.
- Collaborate with diverse groups of internal and external IT teams and key stakeholders by interacting effectively and persuasively to investigate and resolve enterprise-wide security violations.
- Lead or participate in cybersecurity investigations and audit reviews.
- Assist with developing, documenting, and maintaining the org's standards and guidelines as required.
- Assist with establishing and maintaining security incident response plans and procedures.
- Assist in the transition of new cybersecurity systems and devices from project to operations.
- Validate baseline security configurations for operating systems, applications, and networking and telecommunications equipment.
Requirements:
- Minimum 5 years of hands-on experience in a Cybersecurity operations role in an environment the size and complexity of the client.
- Hands-on experience with systems/technologies such as firewalls, endpoint detection and response, SIEM, PAM, vulnerability scanners, EPM, MFA, network detection and response, email security, and security training platforms (the more, the better).
- Completed degree in a technical discipline such as Engineering or Computer Science.
- Obsession with quick learning and attention to detail.
- Ability to work independently and with minimal supervision.
- Excellent interpersonal, written and verbal communication, and presentation skills.
- Strong analytical and problem-solving skills.
- Strong collaborator who likes sharing their expertise.
- Understanding of enterprise-level networks, networking protocols, devices, and architecture, including TCP/IP, the OSI model, IDS, IPS, VPN, and SSL decryption.
- Technical knowledge of Microsoft security and identity technologies, such as Active Directory, Azure Active Directory, O365 Defender, Azure Defender, Azure AD Conditional Access.
- Proficient with scripting languages (e.g. PowerShell, Windows Command Line).
- Advanced knowledge of email security, phishing techniques, and secure email gateways.
- Familiarity with various malware categories, their characteristics, and network-based indicators of compromise.
- Industry certifications such as CISSP, CEH, CRISC, CISA, CISM, Security+, CCNA, CCNP, ITIL.
- Available to work regular office hours Monday to Friday (9 am – 5 pm). Some remote work is possible, but there is a requirement to work in the office as needed (20-40%).
- This role does not require the candidate to be on-call after hours or weekends.
- Legally able to work in Canada.
Job Tags
Permanent employment, Remote job, Monday to Friday