Our Client, the national leader in their industry, is seeking a talented Information Security Analyst to join their growing Security Operations Team. This role is responsible for a variety of information security functions including threat hunting and mitigation, endpoint alert investigation, vulnerability assessments and incident response. A successful candidate will display a passion for security and work to understand new technology trends and the latest attack methods. Hands-on experience with Azure, Sentinel, Purview and Defender for Cloud is ideal. This is a full-time permanent opportunity based in Oakville, Ontario, requiring three days onsite per week in a hybrid model. We have worked extensively with this Client for 18+ years and have received excellent feedback from the candidates we have successfully placed. Please contact us to learn more.
As a Security Operations Center (SOC) Analyst, you will play a pivotal role in monitoring and responding to computer security incidents identified within the corporate environment. This role employs defensive measures and uses information from various sources to perform initial assessment, investigation and remediation, and, when needed, handles complex incident escalations from Level 1 analysts. As a SOC Analyst, you will often serve as a subject matter expert, advising on security best practices, standards, and risk analysis methodologies during project engagements and regulatory audits. This role demands strong technical proficiency, broad experience across diverse technologies and compliance standards, and staying up to date with emerging threats and industry trends.
Responsibilities:
- Investigate, analyze, and respond to network cybersecurity incidents promptly and effectively, ensuring the protection of organizational assets and the mitigation of potential threats.
- Assess systems and networks to identify deviations from acceptable configurations, enclave policy, or local policy. Measure effectiveness of defense-in-depth architecture against known vulnerabilities.
- Implement continuous improvement initiatives to advance Security Operations Center (SOC) maturity, including but not limited to:
  - Ongoing development and maintenance of detection rulesets across diverse security toolsets
  - Identifying and proposing amendments to playbook work instructions and procedures
  - Leveraging SOAR and AI technology to automate manual processes and streamline operational workflows
- Contribute to the advancement of a cloud-first strategy by building foundational cloud knowledge and hands-on experience with cloud platforms, primarily Azure.
- Hunt for unknown cyber threats using profiling techniques to find unusual or anomalous activity that has not been detected by vendor signatures.
- Support the adoption of new technologies and projects, serving as the subject matter expert (SME) to ensure that security remains a foundational consideration throughout the adoption process.
- Build and improve upon existing security tools and utilities, enabling the SOC team to operate at the pace and scale required and improving the overall cybersecurity posture.
Requirements:
- Bachelor's degree in Computer Science, Computer Engineering, Information Technology, or a related field
- Proven experience working in Security Operations and Incident Response, with demonstrable experience responding to security incidents by performing host-based and network forensics as well as investigating security appliance and network logs.
- Deep understanding of logging and monitoring systems for security events (SIEM), network-based and host-based intrusion detection, firewalls, endpoint detection and response (EDR), SOAR technologies, UEBA, and Azure Security Center (now Microsoft Defender for Cloud) and Sentinel.
- Hands-on experience with Microsoft technologies including Azure, Purview and Defender for Cloud
- Demonstrated understanding of security vulnerabilities, attacker exploitation techniques, and methods for their remediation.
- Strong deductive reasoning, critical thinking, problem-solving, and prioritization skills.
- Ability to rapidly find, assimilate and synthesize information correctly in high demand situations.
- Solid understanding of frameworks, standards, and assessments such as ISO 27001, SOC 1, SOC 2, PCI DSS, and NIST.
We wish to thank all applicants for their interest and effort in applying for this position.
For a complete list of our current job openings, please visit our website at www.staffit.ca
Thank you for choosing Staff IT as your Information Technology Staffing Partner.