Sirius Computer Solutions has an immediate opportunity for an Analyst, Managed Security Services in our Mississauga, ON Security Operations Centre. Join our growing team in supporting enterprise clients, with a focus on Incident Response, EDR, and SIEM tools.
Sirius is now part of CDW, a Fortune 500 company and leading provider of information technology solutions to customers in the United States, the United Kingdom and Canada. Our capabilities are stronger than ever.
Position Summary:
The Analyst – Managed Security Services provides first-level technical client support and upholds defined service level agreements (SLA) and customer service excellence. The Analyst focuses on developing their knowledge and technical expertise, executing in line with process and procedure documentation, and providing quality management improvement feedback to management.
Primary Duties & Responsibilities:
24x7 Support – 80% job weight
- Monitors and resolves first-level support requests across all managed technologies. Escalates second-level support to senior team members.
- Collects and disseminates information to clients during and post-incident.
- Identifies, records, and escalates service performance trends, anomalies, and SLA breaches to senior leadership.
- Applies Trusted Advisor techniques to build up client trust and influence.
- Carries out initial triaging, first-level analysis, and resolution of Security incidents across supported platforms.
- Staging and implementation of approved changes.
- Monitors and manages request and incident queues and provides response and resolution within Service Level Agreement and Service Level Objective metric parameters.
- Initiates real-time incident response on affected endpoints by running approved scripts to remove indicators of attack.
- Carries out 24x7 monitoring of uptime on all managed platforms and performs daily health checks on managed SIEM infrastructure.
- Carries out on-demand vulnerability management scans based on clients’ requests.
- Carries out rapid IOC searches, based on IOCs obtained from threat intelligence feeds, across clients’ SIEM infrastructure and endpoint detection and response platforms.
- Troubleshoots and resolves connectivity issues on firewalls and proxy devices.
- Opens technical support cases with respective vendors where applicable.
Professional Development – 20% job weight
- Attends training sessions or shadowing activities and obtains industry and technology related certifications as determined by the Manager.
Basic Qualifications:
- Bachelor's degree (B.A./B.S.) or 3-year diploma in Engineering, Computer Science, or a technology-related field
Other Position Requirements:
- The candidate must be proactive and pay attention to details.
- Works collaboratively with other teammates.
- Takes ownership and drives issues towards a resolution.
- Demonstrated good understanding of IT infrastructure systems, cybersecurity fundamentals, vulnerability management fundamentals, endpoint and server administration, network routing and switching, and network traffic analysis and administration.
- Demonstrated ability to acquire technical skills and certifications required to effectively execute the role, develop familiarity with industry or specialty products/services, and apply the knowledge gained through
- Demonstrated ability to investigate problems and use standard operating procedures and processes to resolve
- Demonstrated good troubleshooting and problem-solving skills. Possess an innate curiosity and critical thinking mindset.
- Demonstrated ability to establish positive working relationships and contribute to team objectives in a consulting
- Demonstrated good verbal and written communication skills and the confidence to engage clients effectively.
- Proven time management and organizational skills.
- Word, Excel, Visio, PowerPoint, and Outlook skills.
Preferred Qualifications:
- Experience responding to security alerts and performing analysis on them
- At least 1 year of IT work experience that includes firewall configuration and administration with Palo Alto and/or Check Point, SIEM tools, and cloud security
- At least one (1) technical certification in the technologies for which Sirius offers Managed Security
- These may include, but are not limited to: Check Point: CCSA, CCSE; Cisco: CCNA-Security, CCNP – Security, CCIE – Security; Blue Coat: BCCPA, BCCPE; Palo Alto: ACE, PCNSE; QRadar; SANS GCIA, GCIH; Splunk, LogRhythm, Microsoft Azure, Amazon Web Services (AWS), or similar technology certifications
Data Privacy and Security:
- All Sirius employees are responsible for safeguarding the information and information systems that they use or handle in the execution of their duties. Employees are obligated to know and perform their duties in accordance with Sirius policies, standards, and procedures related to security and to report security violations to the appropriate Sirius authority.
- Participate at hire and annually in the Information Security Awareness training as well as other required training identified by the Human Resources department. Other data privacy and data security related regulatory training may be required based on your role or assignment.
Essential Functions:
The position is part of a 7-day-per-week, 24-hour-per-day managed services operation. To provide the required coverage, the Analyst must be willing to work nights, weekends, holidays, and overtime.
The above primary duties, responsibilities, and position requirements are not all inclusive.
Sirius is an equal opportunity employer that values a diverse and inclusive work environment.