You are part of a group responsible for the design, delivery and support of key services related to our business and its customers. These services comprise: Business Intelligence, Business Continuity, IT Operations including System Administration, IT Support and of course Information Security. These services are essential in running our organization and are relied upon heavily by all business facets such as Product Development, Customer Services, Marketing, HR, Legal and Finance.
The objective of our Security Operations Team is to defend these services from cyber-attack including internal and external threat vectors and protect the people and information assets of the organization.
Reporting to the Head of Cyber Security as a Cyber Security Analyst, you are part of a global team of Information Security specialists across the Enterprise. You possess a very strong technical understanding of security operations practices and principles related to an online business, applying them pragmatically in order to strike a balance between protecting our people, business and our customers, while allowing the organization to simply get on with doing what it does best.
You are highly motivated with strong technical acumen in security operations, working in collaboration with a team of IT operations specialists including DBA, System and Network administrators in identifying and quickly remediating any security-related incidents, vulnerabilities or other concerns that may impact the business. You ensure all projects and initiatives you are working on are consistently delivered to a high level of quality and reliability.
You must be able to work in a fast-paced, agile environment with short timelines for deliverables. Whilst it is recognized that not all security measures are impenetrable, you will be measured on your ability to quickly identify, respond to and contain security threats.
The ideal candidate will:
- Operate and monitor Intrusion Detection Systems (IDS), Security Incident and Event Management (SIEM), anti-malware and other cyber-security tools, logs and technologies, enabling rapid detection and response to malicious activities
- Recognize and respond to cyber-attacks and threats based on in-depth, proactive analysis of monitoring, network, application and system event data to identify potentially abnormal or anomalous system behaviour
- Manage the incident response process through to closure
- Perform forensic analysis of IDS, logs, network traffic dumps and other cyber-security event sources, e.g. firewalls, asset inventories, vulnerability registers, through both manual and automated correlation practices
- Evaluate and utilize intelligence regarding new threats and vulnerabilities to ensure protective monitoring is capable of detecting potential new attacks (e.g. through custom IDS or SIEM rules)
- Research and maintain a proficiency in current and emerging threats, vulnerabilities and security technology developments
- Create reports on cyber-security threats, attacks, incidents, and other indicators of cyber-security issues
- Assess the organization's exposure to existing and new vulnerabilities and develop detection / mitigation strategy
- Participate in knowledge sharing with other analysts and develop solutions efficiently
REQUIRED TECHNICAL KNOWLEDGE AND EXPERIENCE:
Technical Skills Required
The successful candidate must possess a strong understanding of the following:
- Familiarity with IDS, SIEM, anti-malware and cyber-security technologies, including tuning, where appropriate
- Demonstrable understanding of network traffic analysis techniques and ability to correlate multiple cyber-security event sources to provide a complete analysis of an intrusion and recommend mitigation
- Familiarity with the tools and techniques used by both ethical and malicious hackers, e.g. vulnerability scanners, exploit frameworks, etc.
- Understanding of the anatomy of cyber-attacks
- Detailed understanding of TCP/IP, Internet protocols, networking principles, and OS concepts and technologies
- Knowledge of multiple operating systems and networking technologies, including hardening methodologies
- Security operations and/or CSIRT experience is an asset
- Programming / scripting skills desirable
- Excellent communication skills to be able to work with individuals at all levels of the organization and with third-party vendors
- Detail oriented with strong organizational and analytical skills
BUSINESS SKILLS REQUIRED
- Must be an intelligent, articulate, consensus-building individual who can serve as an effective member of the security operations team and effectively communicate information security-related concepts.
- Must demonstrate the ability to maintain strict confidentiality of the company’s internal and personnel affairs
- Ability to manage multiple concurrent objectives or activities, and effectively make judgments in prioritizing and time allocation in a high-pressure environment
- Ability to deal with changes and adapt to a changing environment
- Ability to work well with others, with an emphasis on virtual teams across multiple time zones.
- Able to harness different skills and experience, and build a strong sense of team spirit
- Highly self-motivated and directed
- Ability to work and communicate effectively in a multi-office environment and willingness to travel to other offices overseas as required.
- Excellent verbal communication and writing skills
- Must have strong documentation/technical writing skills
- Must demonstrate professionalism and maturity when working with internal business functions, peers, senior management, and vendors
EDUCATION / CERTIFICATIONS
- Security Operations and/or CSIRT experience is an asset
- Degree in Computer Science or equivalent working experience preferred
- Ability to work independently or as part of a team.
- Flexible schedule with the ability to work occasional nights and weekends.
- Proficiency in MS Office applications.
- Experience using Site Catalyst or Google Analytics an asset.
- Experience with CMS systems such as WordPress and Drupal an asset.
- Online Gaming and/or general sports knowledge is preferred.