As a Security Analyst for the Cyber Defense Centre (CDC), you are a member of a team that manages IT security on behalf of customers to reduce the impact of security incidents and system compromises. This team provides security monitoring, event investigation and analysis, and countermeasure proposals. As part of the team responsible for the 24×7 Security Event Management Service.
- Following an established, documented process for event detection including but not limited to:
- Receipt of Security Alerts, from monitored devices and asCyber Defense Centre (CDC)iated technology.
- Acknowledgment of receipt of the event.
- Opening new service desk tickets or update existing tickets to track event handling through its lifecycle to resolution and closure.
- Assignment of the event ticket to the appropriate owner.
- Follow established process for identification of events that require filtering.
- Documenting requests for event filtering in the service desk ticket.
- Assignment of the event ticket to the appropriately defined resource.
- In the event of a client request for filtering of certain event types, follow the established process for completing that request.
- Follow an established process to collect relevant data and perform the necessary level of analysis on that data.
- Determine relationships between the event, client services, technologies, and previous tickets.
- Determine whether the relationships warrant an increase in severity and subsequent reprioritization in escalation.
- Document your findings in the service desk ticket as they are discovered.
- Follow an established process for transmitting event investigation data to the appropriate point of contact, whether that point of contact is an external client or an internal resource.
- Report on recurring problems and issues discovered during your duties.
- Provide action plans detailing specifics of:
- What the event indicates (Event Description).
- Why it is important for the client (What the potential risks are to the business).
- What actions the client can take to remediate the current event, and prevent future instances of this event.
- Follow established processes to ensure that resolution criteria are met before closing tickets.
- Windows Server Operating Systems
- Layer 2 and Layer3 OSI model expertise
- Switches/Routers / Firewalls including vendor technical certifications for the major vendors
- Network/System Intrusion Detection or Prevention Systems
- Understanding of basic security concepts: Principle of Least Access, Compartmentalization, etc.
- Asset Management
- Security threat and attack countermeasures
- Ability to conduct in-depth forensic analytical studies and investigations
- Ability to earn the Security+ certification within 3 months of hire, if not already completed
- 1 to 2 years of work experience in a CYBER DEFENSE CENTRE (CDC) environment.
- Excellent written and verbal communication skills.
- Strong troubleshooting and problem-solving skills.
- Team player with the ability to work autonomously.
- Ability to prioritize, and reprioritize work as required.
Benefits of working at Infostream:
- We believe in innovation and vibrant culture – work for an innovative, people-first, Digital Transformation Solutions company that values entrepreneurialism
- Pay for Performance excellent base salary and extensive performance bonuses.’
- We believe in a flexible work structure – A flexible hybrid work model that empowers you to do your best work whether at home or at the office
- We care about your rewards – Competitive compensation including equity programs
- We care about your health – comprehensive group health and dental benefits and life insurance, including a Lifestyle Spending Account for all your wellness needs
- We care about your rest – a flexible paid-time-off policy with unlimited vacation days, flexible sick and mental health days
- We care about your development – industry training and certifications constant
- We care labs – intense labs to sandbox, train with peers and vendors
- Dental care
- Employee assistance program
- Extended health care
- RRSP match
- Vision care