Location: Remote
Security Clearance: Active Secret or Top Secret Security Clearance
Our client is looking to supplement its existing SOC monitoring capabilities with up to three (3) SOC analysts who will work with the current Cybersecurity team on shift work typically but not limited to nights and weekends on an “as and when requested basis”.
The SOC monitoring will be done remotely with the possibility onsite as needed.
Core Responsibilities:
The SOC analyst is required to:
- Monitor the ticketing system and action any urgent tickets, open new tickets and ensure they are kept updated as required.
- Provide “eyes on glass” real-time security monitoring in a 24×7 environment by monitoring security infrastructure and security alarm devices for Indicators of Compromise utilizing SIEM and cybersecurity tools.
- Escalate urgent security events to the on-call Senior IT Security Analyst.
- Provide log/network/malware/device analysis as required.
- Highlight gaps in internal and/or external documentation, such as detailed procedures, and operational metrics reports.
- Perform Threat Hunting activities utilizing the client’s SIEM and cybersecurity toolkits
- Update any unplanned travel in the travel tracking spreadsheet.
Knowledge, Skills and Abilities:
- Possess specialized skills in: Cybersecurity Security Monitoring; Cybersecurity Forensics and Investigation; Incident Response and Handling; Vulnerability Assessments; McAfee Enterprise Security Products.
Qualifications:
- Have college diploma or university degree in an IT discipline.
- Five (5) years of experience within the last seven (7) years working as an IT Security Analyst within a SOC environment, performing the tasks listed under “Typical Tasks”.
- Proficiency in the skills, products and technologies listed under “Specialized Skills and Knowledge”.
- A certification in one of the following will be considered an asset: Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Computer Examiner (CCE), Certified Incident Handler (CGIH), CompTIA: Security+.
If this role is of interest to you, please submit your resume to recruiting@ipss.ca
