Cyber SOC Analyst - Ottawa, Canada - Bank of Canada

Bank of Canada
Ottawa, Canada

1 week ago

Posted by:

Sophia Lee

beBee Recruiter


Description

Cyber SOC Analyst

Take a central role


The Bank of Canada has a vision to be a leading central bank—dynamic, engaged and trusted—committed to a better Canada.

No other employer in the country offers you the unique opportunity to work at the very center of Canada's economy, in an organization with significant impact on the economic and financial well-being of all Canadians.

You will be challenged, energized and motivated to excel in our environment.


Building on the principles that have always guided us - excellence, integrity and respect - we strive to be forward-looking and innovative, to welcome people with diverse perspectives and talents, and to earn trust by living up to our commitments and by clearly explaining the intent of our policies and actions.

With our defined-benefit pension plan, benefits, and high flexibility for work-life balance, find out more about why we are annually ranked as one of Canada's top employers: Working Here - Bank of Canada

Find out more about the next steps in our Recruitment process.


About the position:

Reporting to the Program Manager, you will join a highly impactful Cyber SOC team. Our team is a collaborative group of about 15-20 diverse individuals across multiple domains including Analysts, Consultants, Students, etc.


Further, you will have autonomy to make decisions and recommendations, along with the opportunity to use state-of-the-art Enterprise Cyber Security Solutions and to keep learning as technology in the industry evolves.


What you will do


You will provide vital Bank-wide security services, ensuring the confidentiality, integrity, and availability of the Bank's information assets by using a portfolio of IT security tools, including the Bank's Endpoint Detection and Response (EDR) solution and the Security Information and Event Management (SIEM) solution.

You also review and validate emerging threats, follow established methodologies, recommend process and technology improvements, develop new capabilities as required and author clear and concise reports.


More specifically, you will:

  • Review and perform IT security monitoring and incident response to IT security incidents
  • Detect, analyze, and implement approved security safeguards to limit intrusions and incidents
  • Review security incidents to determine their severity and draft reports detailing the activity
  • Analyze host-based and/or network-based indicators of compromise or network traffic to assist in generating new attack signatures
  • Analyze additional log, forensic, malware or other related data, as needed
  • Respond to IT security incidents and perform threat analyses, as directed
  • Create, modify and update EDR and SIEM rules and use cases
  • Perform detailed technical analyses of threats, including malware, viruses, and other malicious code
  • Work with industry organizations, business partners and technology teams to develop cyber security defensive techniques and best practices
  • Provide support, including on-call, shift or weekend work as required, for systems within your area of expertise

What you need to succeed


You are an effective communicator and have excellent analytical skills which enable you to efficiently prioritize and organize competing work demands with little oversight.

You also have strong organizational and problem-solving skills, are a great team player and self-starter, and have an eye for change initiatives.


In addition, you have:

  • Advanced knowledge of network protocols, TCP/IP fundamentals, Security Information and Event Management (SIEM) solutions, Intrusion Detection Systems (IDS), logging, network & system forensic investigation techniques
  • Familiarity with both host-based and cloud-based threat hunting, detection, investigation, EDR tools and SIEM tools and capabilities
  • Advanced knowledge of operating systems (Windows, Linux, Solaris)
  • Proficiency in malware triage and reverse engineering

Nice-to-have

  • Relevant certifications (CISSP, GIAC, etc.)
  • Experience in managing and configuring Windows, Unix and/or security appliances
  • Experience scripting in either Python or PowerShell
  • Familiarity with the concepts of detection engineering and the MITRE ATT&CK framework

Your education and experience:


What you need to know

  • Language requirement: English or French essential
  • Priority will be given to Canadian citizens and permanent residents
  • Security level required: Be eligible to obtain Secret
  • Relocation assistance may be provided, if required
  • Please save a copy of the job poster. Once the closing date has passed, it will no longer be available.
  • The official title for this position is "IT Security Monitoring Specialist"

Hybrid Work Model

The Bank offers work arrangements that provide employees with flexibility, enable high-performing teams, and support an excellent workplace culture. Most employees can telework from home for a substantial part of each month as part of the Bank'
