Cybersecurity Analyst - cybersecurity incident responder who can manage incidents at Tier 3 level 2785
S.i. Systems
Toronto, ON
Number of positions available: 1
Salary: To be discussed
Contract job
Published on August 14th, 2025
Starting date: 1 position to fill as soon as possible
Description
Cybersecurity Analyst
Must be able to work from our Markham office a minimum of three days per week.
MARKHAM HEADOFFICE-Markham
We are looking for an experienced cybersecurity incident responder who can manage incidents at Tier 3
level and who is experienced in investigating cybersecurity incidents using incident response tools. The
Cybersecurity Analyst - Incident Response role will also support internal fraud and financial crime
investigations where there is a cyber element. This position has an on-call rotation element to provide
prompt response to mitigate impact 24/7.
The candidate will have experience with Information Technology and a solid level of knowledge of
Cybersecurity principles.
• Take ownership of incident response activities and create summary reports for management
and other internal stakeholders
• Analyze escalated cybersecurity alerts from managed service providers to determine impact,
select most effective containment and remediation activities, and ensure appropriate recovery
takes place
• Maintain effectiveness of incident response tools, including EDR, SIEM, and SOAR, by identifying
enhancement opportunities in configuration and alerting rules while practicing and improving
practical skills
• Conduct detailed technical investigation of cybersecurity incident root causes including threat
vector, technique and tactics
• Be diligent throughout shift and when on call to quickly respond to cybersecurity alerts and be
available for time-sensitive responses
• Work with key internal teams from Group CISO, Privacy Office, and Financial Crime Teams to
support other investigations where there is a cyber element
• Adapt to fast-paced environment
MUST HAVE
• At least 5 years of experience directly working in cybersecurity incident response, preferably in
a large financial services institution
• Strong incident response technical skills, knowledge of network protocols and network
communication principles, understanding of vulnerabilities and remediation techniques
• Demonstrated ability to analyze cybersecurity alerts to determine business impact and select
containment and remediation activities that ensure appropriate recovery
• Maintain effectiveness of incident response tools, including EDR, SIEM, and SOAR, by identifying
enhancement opportunities in configuration and alerting rules while practicing and improving
practical skills
• Conduct detailed technical investigation of cybersecurity incidents and identify root causes,
including threat vector, technique and tactics.
• Demonstrated ability to establish effective working relationships and collaborative work
approaches with both internal and external peers
• Obtained or pursuing a recognized cybersecurity incident response or related certification, such
as CISCP, OSCP, CIH, CHFI, etc.
• Experience reviewing, analyzing, discussing, explaining, and reporting cyber threats and results.
• Strong interpersonal and communication skills, ability to respond to multiple incidents
simultaneously and in a prioritized manner.
• Preferred candidates will also have experience in threat hunting OR threat intelligence OR
forensics, in addition to cybersecurity incident response.
EDUCATION & CERTIFICATION
• University Degree in Computer Science or Computer Engineering would be an asset
• Insurance industry specific background would be an asset
• Certifications in Cybersecurity incident response