Cybersecurity Analyst - Tier 1 - Toronto, Canada - ISA Cybersecurity

ISA Cybersecurity
Toronto, Canada

3 weeks ago

Posted by: Sophia Lee, beBee Recruiter


Description

About the Role:


The function of a CIOC Cybersecurity Analyst Tier 1 is to be at the forefront of incident response, where they will utilize the latest in network security technology while providing Computer Network Defense and Information Assurance (IA) support to ISA's client base and internal network.

You will be joining an exciting and rapidly growing company. This is an outstanding position offering an attractive salary, defined career path, and excellent employee benefits. This is a permanent, full-time position to start immediately. This role will be hybrid with the occasional requirement to perform duties at our Toronto office.


About Us:


ISA is a cybersecurity-focused technology firm, with over 30 years of experience helping organizations of all sizes solve complex challenges relating to IT security.

We act as trusted advisors in providing services to help our clients define, implement and manage their strategies to minimize IT security related risk, and to provide a secure business environment for their employees and customers.

We also deliver state-of-the-art cybersecurity solutions thanks to strong partnerships with the industry's leading Technology Vendors.


Reporting Relationship:

There are no positions that report to the CIOC Cybersecurity Analyst Tier 1.


Responsibilities:


  • Availability for shift work including day, afternoon and overnight shifts on a monthly rotation schedule
  • Monitor and analyze network traffic and IDS alerts
  • Investigate intrusion attempts and perform in-depth analysis of exploits
  • Provide network intrusion detection expertise to support timely and effective decision making of when to declare an incident
  • Conduct proactive threat research
  • Review security events that are populated in a Security Information and Event Management (SIEM) system
  • Analyze a variety of network and host-based security appliance logs (Firewalls, NIDS, HIDS, Sys Logs, etc.) to determine the correct remediation actions and escalation paths for each incident
  • Independently follow procedures to contain, analyze, and eradicate malicious activity
  • Perform Tier I/II initial incident triage
  • Document all activities during an incident and provide leadership with status updates during the life cycle of the incident
  • Create a final incident report detailing the events of the incident
  • Provide information regarding intrusion events, security incidents, and other threat indications
  • Assist with the development of processes and procedures to improve incident response times, analysis of incidents, and overall CIOC functions

Qualifications:

  • Knowledge of information security event monitoring and detection and NID monitoring and incident response
  • Familiarity with network security methodologies, tactics, techniques and procedures
  • Experience with IPS/IDS, SIEMs (specifically with Splunk and Microsoft Sentinel) and other security tools
  • Ability to read and write Snort IDS signatures
  • Experience reviewing and analyzing network packet captures
  • Experience performing security/vulnerability reviews of network environments
  • Possess a comprehensive understanding of the TCP/IP protocol, security architecture, network and remote access security techniques/products
  • Experience with enterprise antivirus solutions, virus outbreak management, and the ability to differentiate virus activity from directed attack patterns
  • Working knowledge of network architecture
  • Strong research background, utilizing an analytical approach
  • Strong verbal/written communication and interpersonal skills are required to document and communicate findings, escalate critical incidents, and interact with customers
  • Working knowledge of Windows and Linux OS to include experience working in the command line interface
  • Highly motivated individual with the ability to self-start, prioritize, multitask and work in a team setting
  • Double COVID-19 vaccination required
  • Hybrid work environment