Sr. Information Security Specialist (Cyber Security Incident Response Team) - 56288

Duration: 1 year

Extension possible: Possibility - performance and business needs

Conversion Possible: Possibility - performance, business needs

Work Location: Hybrid: 2 days in office currently, 4 days in office starting Nov 3rd ,Toronto, Ontario

Scope of Project: Microsoft E5 suite - building playbooks an documentation

Team Size/Culture: 11 people, collaborative environment, working with cross functional teams

Preferred Candidate Background: coming from a consultancy agency - kpmg, Deloitte etc.

SUMMARY OF DAY-TO-DAY RESPONSIBILITIES:

• Define, develop and/or implement Technology Controls / Information Security related policies, programs, tools and provide specialized expertise and guidance on assessing risks, identifying potential gaps and providing security solutions to mitigate risks and protect the Bank.
• May participate on projects of moderate to high complexity and provide complex reporting, analysis, and assessments at the functional, business line or enterprise level for own area. You will work within the Cyber Security Incident Response Team (CSIRT), leading in complex investigations, developing detection and hunting techniques, and strengthening our incident response capabilities.
• Lead or contribute to containment and recovery plans for Cybersecurity Incidents.
• Contribute to the review of internal processes and activities and assist in identifying potential opportunities for improvement.
• Influence behavior to reduce risk and foster a strong technology risk management culture throughout the enterprise.

MUST-HAVE Hard Skills:

1.) Experience implementing or optimizing Microsoft E5 security suite

2.) Has experience with Microsoft ecosystem from a security perspective - E5 or E3, XDR, Sentinel

3.) Experience building incident response playbooks and runbooks (knowledge and document management)

NICE-TO-HAVE

1.) Contribute low level details for various automation tasks - XSOAR

2.) Scripting knowledge with python, creating custom API’s etc.

3.) strategic optimization of a security operations center - traditional to modern platform approach