Cyber Security SIEM Specialist - Ottawa, Canada - Bank of Canada

Bank of Canada
Ottawa, Canada

3 weeks ago

Posted by:

Sophia Lee

beBee Recruiter


Description

Cyber Security SIEM Specialist

Take a central role


The Bank of Canada has a vision to be a leading central bank—dynamic, engaged and trusted—committed to a better Canada.

No other employer in the country offers you the unique opportunity to work at the very center of Canada's economy, in an organization with significant impact on the economic and financial well-being of all Canadians.

You will be challenged, energized and motivated to excel in our environment.


Building on the principles that have always guided us - excellence, integrity and respect - we strive to be forward-looking and innovative, to welcome people with diverse perspectives and talents, and to earn trust by living up to our commitments and by clearly explaining the intent of our policies and actions.

With our defined-benefit pension plan, benefits, and high flexibility for work-life balance - find out more about why we are annually ranked as one of Canada's top employers: Working Here - Bank of Canada

Find out more about the next steps in our Recruitment process.


The team:


You will be joining a highly impactful Cyber Security Operations team with the mission to keep Canada's economy safe & secure.

You will be provided with autonomy to make decisions and recommendations as you see fit - within a diverse, fully supportive team all pulling in the same direction.


Further - you will have the opportunity to utilize state-of-the-art Enterprise Cyber Security Solutions and consistently learn as technology in the industry evolves.


What you will do


You will provide vital Bank-wide security services, ensuring the confidentiality, integrity, and availability of the Bank's information assets by implementing, managing and developing a portfolio of IT security information and event management (SIEM) tools to support the Bank's various platforms and providers.


In addition, you will be:

  • Implementing, maintaining (monitoring), enhancing, and integrating all aspects of the Bank's SIEM solution and toolsets.
  • Assisting with security incidents, investigations and root-cause analysis, and supporting real-time tool development to enable better detection, response, and incident response capabilities to drive down detection and containment times in partnership with the security operations team.
  • Providing advice and recommending solutions leveraging the capabilities of the SIEM
  • In conjunction with other teams, developing new content using the SIEM solution and providing it to security operations.
  • Developing and improving deployment and operations support documentation related to all aspects of SIEM. This includes a review of current documentation and the creation of new material.
  • Working closely with the security operations team to improve knowledge and operational use of the solution
  • Maintaining a strong, productive relationship with our SIEM vendor to ensure support and that the Bank is receiving value on an ongoing basis

What you need to succeed


You are a curious, rational, and critical thinker who, by nature, loves to dig deeper on problems and always questions the "why".

As an effective communicator, you communicate in a clear and concise manner, have a team- and security-first mentality, and can naturally step in to support your co-workers.

You will also have familiarity and/or a proven skillset within:

  • Splunk as a Security Information and Event Management (SIEM) platform, including knowledge of its deployment, capabilities, support, monitoring and troubleshooting abilities
  • At least one scripting language, preferably Python or PowerShell
  • Operating System telemetries (process, network, DNS, Registry, etc.)

Nice-to-have:


  • Previous experience with defensive security / blue teaming
  • Experience analyzing security events using event aggregation and correlation systems, including SIEM capabilities
  • Experience in programming/scripting languages
  • Administration and use of Linux operating systems with Fedora (Red Hat, CentOS) or Debian (Ubuntu), including scripting in a shell environment (Bash, etc.)
  • Experience with cloud computing, with a particular focus on Microsoft Azure.
  • Relevant cyber security certifications (CISSP, GIAC, etc.)

Your education and experience

What you need to know

  • Language requirement: English or French essential
  • Priority will be given to Canadian citizens and permanent residents
  • Security level required: Be eligible to obtain Secret
  • Relocation assistance may be provided, if required
  • Please save a copy of the job poster. Once the closing date has passed, it will no longer be available.
  • The official title for this position is "Security Device Management Specialist"

Hybrid Work Model

The Bank offers work arrangements that provide employees with flexibility, enable high-performing teams, and support an excellent workplace culture. Most employees can telework from home for a substantial part of each month as part of the Bank's hybrid work
