SEC-002 Cyber Security Advisor

Brampton (Hybrid)

Our client's Digital & Technology team wakes up every day with one goal in mind – to connect Canadians to the people and things that matter most. Collectively, they’re proud to support 30 million Canadians each month.

They manage a robust portfolio that champions the leading edge of technology and media. They drive projects that expand connectivity to underserved communities from coast-to-coast-to-coast; build and enhance our fixed broadband network to provide high-speed Internet, TV and Smart Home Monitoring; and support their world class wireless network, offering their customers Canada’s largest and most reliable 5G network.

Our client is seeking for a Cyber Security Advisor to join their Cyber Protection Center. Reporting to the Sr. Manager, Cyber Security Operations Center (CSOC) at their Brampton Campus.

Our client's Information and Cyber Security Unit is seeking a highly motivated Cyber Security Advisor. This role is responsible for maintaining and advancing our existing cyber security program through the continual review and development of cyber security strategy and security incident response procedures. This role is equivalent to a SOC Tier 2 or 3 level specialist Reporting to the Sr. Manager, Cyber Incident Response and Intelligence, the incumbent will be tasked with providing support to cyber incident response function, which includes the identification and application of threat intelligence information.

Summary of Job Functions:

  • Providing first-line response and initial management of any new or developing cyber security related issues including participation in on-call rotation.
  • Enhanced level triage and assessment of security events to determine risk to business.
  • Utilizing “kill chain” methodologies, effectively determine risk prioritized response, investigate security events and make clear recommendations on mitigation.
  • Review and interpret alerts, events and system alarms using SIEM, other tools, behavioral analytics, and network analysis while providing evolved emergency response services, incident management and analysis.
  • Respond to service provider network attacks affecting critical network infrastructure and the cloud environments.
  • Produce detailed incident reports and technical briefs on security incidents and preparing executive risk based metrics reports based on the MITRE ATT&CK model.
  • Participate and contribute to post incidents reviews and documentation.
  • Identify and report on threat intelligence from external resources and use to apply risk based assessments.
  • Day-to-day threat hunting, monitoring and analysis of risk-based threat intelligence.
  • Conduct digital forensic examinations of digital media from a variety of sources, using industry's best practices and standard tools.
  • Being proficient in the latest forensic response and reverse engineering skills, along with astute interest in the latest exploit methodologies.
  • Responsible for developing and evolving SOC response procedures based on MITRE ATT&CK.
  • Performing gap assessments, develop automation scripts and correlation rules, tuning of systems & security tools.
  • Maintain knowledge of adversary Tactics, Techniques, and Procedures (TTP).
  • Review and respond to escalated security events from other analysts.
  • Contribute to security projects, meetings, and ad-hoc requests.

Qualifications

  • Undergraduate degree in computer science, engineering, information science, or a related technical discipline
  • 5+ years of related experience in cybersecurity or computer network defense or incident response
  • CISSP, GIAC, GREM accompanied by a Forensics certification preferred
  • Strong knowledge of Clouds, Service provider/ Telecom infrastructure, virtual environments, web applications and APIs
  • Experience with forensic tools and methodologies is required
  • Scripting (Powershell, Bash, Perl, Python) knowledge/experience a bonus.
  • Working knowledge of TCP/IP networking, including routing and common ports/protocols.
  • Demonstrated relevant experience as a key member of a threat intel, incident response, malware analysis, or similar role.
  • Strong knowledge of malware families and network attack vectors.
  • Strong knowledge of Linux, Windows system internals.
  • Understanding of payment card processing, related fraud and carding techniques.
  • Ability to clearly articulate risk & findings to internal clients both verbally and in written form.
  • Excellent communication, interpersonal, and documentation skills.
  • Strong organizational, time management, and multi-tasking skills.
  • Ability to work well both independently and in a team environment.
  • Proficiency with Microsoft-based computer programs, Outlook, Word, Excel, and PowerPoint.