- 5+ years of IT experience, with a minimum of 3 years of hands-on experience deploying, configuring, and troubleshooting Microsoft Sentinel SIEM and Microsoft Defender.
- An understanding of threat detection and response is critical, including the ability to create, manage, and investigate alerts, understanding security threats, anomalies, and breach patterns.
- Hands-on experience with KQL, developing use cases in MS Sentinel
- Experience in Function App and/or Logic App development
- Lead the log onboarding and integration process for Microsoft Sentinel SIEM, ensuring successful integration of various log sources onto the SIEM, including the development of custom use cases where required
- Maintain and administer security monitoring and alerting systems and processes, ensuring ongoing visibility into the security of IGM environments
- Continuously improve the efficiency of threat detection, alerting and response through use case development, tuning and automation
- Configure and monitor the Security Information and Event Management (SIEM) platform for security alerts. Integrate and work with the firm's Managed Security Services Provider (MSSP) services
- Utilize scripting languages, including PowerShell, Python, and KQL, to automate tasks and enhance system functionality.
- Development of advanced Sentinel queries and workbooks, including Logic/Function App development
- Create and maintain system documentation for security event processing.
- Expand the usage of security monitoring tools to improve the security of the environment based on business use cases or changes in threat landscape, root causes from security incident response, or output from security analytics
- Assist in the incident response processes to contain, remediate, and recover from security incidents
- Maximize security tools to continuously improve the detection, prevention, and analysis of security incidents
- Maintain, administer, and integrate threat detection and remediation capabilities into security operations to address emergent cyber threats to IGM products, services, data, and infrastructure.
- Maintain and administer the day-to-day activities of Microsoft Sentinel Security Incident and Event Management (SIEM), including
- Actively analyze external threat sources as leading indicators of attacker activity and contribute to the broader defense-sharing network
- Partner with Architecture, Engineering and Application Development teams to establish and maintain comprehensive visibility into potential risk events across a large scale cloud environment
- Develop the integration and automation strategy around multiple automation (SOAR) toolsets
- Create and maintain operational policies and procedures including playbooks and runbooks
- Partner with the Risk Management team to define Key Risk Indicators and automated dashboards presenting risks and KPIs
- Hands-on configuration experience
- Manage and maintain the integration of threat intelligence feeds into the SIEM to enhance detection capabilities.
- Ensure the SIEM platform supports compliance reporting requirements relevant to our industry (e.g., NIST SP800-53, NIST CSF, CSA CMM).
- Provide training to other team members and stakeholders on the usage, benefits, and outputs of the SIEM system.
- Experience with cloud security and integrating cloud logs into the SIEM.
- Experience with EDR solutions is an asset.
- Bachelor's degree in Computer Science, Information Technology, or a related field (or equivalent work experience).
- Strong core foundation experience in fundamental cloud technologies and services
- Relevant professional certifications in Cloud (AWS, GCP, Microsoft Azure, e.g. SC-100: Microsoft Cybersecurity Architect) and IT Security (Security+, CISSP, CCSP) are highly desirable.
- Superior problem solving and decision-making skills to resolve work issues with the ability to work under pressure in a dynamic environment
- Knowledge of the Financial Services industry is a definite asset
- Strong communication (verbal/written) and good interpersonal skills to build relationships with internal and external business partners and vendors
Microsoft Security Consultant - Toronto, ON, Canada - Akkodis
Description
Role: Senior Security Platform Specialist
Location: Toronto, Ontario, Canada
Duration: 11 Months (Hybrid)
Key skills:
The Senior Security Platform Specialist is a senior member of the Threat Management team responsible for operating and maintaining the Security Incident and Event Management (SIEM) platform, including ingesting logs from various log sources and developing and tuning use cases.
Mandatory:
The candidate must have hands-on experience in security platform engineering that includes the design, configuration, deployment and operationalization of Microsoft Sentinel Security Incident and Event Management (SIEM).
Key Capabilities & Responsibilities
- Log Integration
- Use Cases
- Use Case tuning
- Logging and Monitoring
- Log analysis and correlation
- Security Orchestration (SOAR)
- Runbooks for critical incident types
- Security Monitoring / User and Entity Behavior Analytics (UEBA)
- Security Incident Response & Remediation