One of Canada's leading online brokerage and wealth management firms is looking for a Team Leader, Cybersecurity SIEM-SOC-IR.
As a Team Leader, Cybersecurity SIEM-SOC-IR, your contribution to delivering sustainable and measurable results in the following areas will be very important:
You will assist with the transformation of our Information Security Program, helping to balance people, processes and technology effectively, supporting better security and risk decisions, and reducing the cost of managing overall security risk.
Identifying and responding to cyber threats - Our reputation and brand are on the line, and we will not compromise. Our company's infrastructure and data need to be safeguarded before something happens. You will be primarily involved in security information and event management, including working with SIEM/SOC managed service providers, supporting the SIEM use case development cycle, triaging and investigating alerts, supporting incident response, and collecting and tracking metrics for reporting.
Responsibilities
Desired Skills
CISSP, ECSA, CHFI, or CASP
10+ years of relevant experience performing investigation activities for security-related events in a complex incident management or Security Operations Center environment.
Strong written and verbal communication, presentation and technical writing skills, coupled with a keen interest in furthering your Cybersecurity skills.
Knowledge of NIST Cybersecurity Framework, MITRE ATT&CK, SOC2, and ISO 27001.
Experience with security and regulatory audits.
Previous experience implementing SIEM/SOC and performing incident/breach scenario analysis.
Experience creating and fine-tuning SIEM use cases.
Experience with Zero Trust security principles.
Security monitoring experience with cybersecurity and SIEM technologies.
Experience building SOC processes, playbooks, correlation rules, and incident reports.
Experience with threat hunting and security incident investigation.
Knowledge of security products and device monitoring tools including Firewalls, IDS/IPS, Phishing and e-mail security, content filtering, DDoS, WAF, and more.
Knowledge of security incident investigation, working with in-house and vendor teams to research, identify and report on incidents.
Knowledge of security incident management, malware analysis and vulnerability management processes.
Strong technical and learning agility, able to adapt to constantly evolving threats, domains and technologies.
Knowledge of technical infrastructure, networks, databases and systems in relation to IT Security and IT Risk.
Threat collection, analysis and management, and situational awareness.
Experience with the security logging and monitoring of cloud environments.
Experience with onboarding and monitoring cloud environments into SIEM.