This position is no longer open for applications

Purpose of Job: This role is an individual contributor for the Security Incident Response Team. As the team has developed into a24/7 365 operation, we require strong individual contributors that will investigate, analyse and contain security incidents.

Please note this will be shift work and Analysts would be required to work mid shifts and late shifts



Major responsibilities

• Monitor security intake technologies for reports of security incidents

··Perform analysis on cybersecurity alerts in both On-Premises or Cloud environments
··Provide engineering consulting and implementation expertise in support of new initiatives

• Review security tools for opportunities to improve alerting
• Produce detailed incident reports and security recommendations
• Mentor analysts, providing training and guidance through complex incidents

··Strongability to collaborate, delegate tasks and drive deadline compliance in ahighly regulated, time sensitive environment

• Lead security, policy and privacy related events and incidents
• Manage containment and remediation efforts of affected assets, IOCs, and TTPs
• Produce detailed incident reports and security recommendations
• Hold stakeholders accountable for remediation actions
• Providing training and guidance through complex incidents
• Integrate and collaborate with other subject matter experts throughout the organization
• Liaison with Cyber Defense, Privacy, Compliance, Legal, and Architecture teams
• Influence the creation and/or adoption of new standards and procedures

··Identifydeficiencies in processes and tools, recommend security controls and/orcorrective actions for mitigating technical and business risk. Contribute toLessons Learned Meetings.

• Influence the creation and/or adoption of new standards and procedures

Qualifications

• 4 or more years of IT Security or Cyber Security experience in Incident Response and any of the below:

o Cybersecurity threat detection, monitoring and reporting
o Cyber Intelligence and Threat Hunting
o Cyber SOAR Automation Engineering
o Digital Forensics


·Must be able to work off shift hours (e.g. Evening, Nights and Weekends)
·Experience analyzing attack vectors, current threats, and security remediation strategies
·Experience with SIEM technologies, EDR technologies, and/or Asset isolation tools
·Networking experience (including the OSI Model, TCP/IP, DNS, HTTP, SMTP), System Administration, and Security Architecture
·High level familiarity of global privacy regulations and legislations (GDPR, UK-DPA,HIPAA etc)
·Experience in public cloud platforms, including Azure, AWS, and Google Cloud Platform
·Information Technology Industry Certification
 Assets

• Undergraduate degree or equivalent experience 
• PowerShell, KQL, or Python scripting experience
• Knowledge of Crowdstrike, Defender stack and Google SecOps
• Understanding of NIST 800-61, Cyber Kill Chain, and MITRE ATT&CK framework