Cyber Defence Incident Response Specialist

Cyber Defence Incident Response Specialist

Description of Assignment

The Specialist will support the Office of the CISO division in the delivery of monitoring, threat hunting, and incident response activities, as well as assisting with handling incident tickets in the threat management incident ticket queue.

The Specialist will provide expertise in the areas of cyber incident monitoring, response and threat hunting.

Assignment Duties

• Responsible for using available tools such as the EDR, NDR and SIEM platforms to monitor, detect and respond to cyber threats.
• Responsible for working together with MSSP and internal teams in responding to threats.
• Provide verbal and written recommendations on remediating cyber incidents.
• Provide recommendations related to configuration of cyber security tools such as EDR, NDR and SIEM.
• Assist team in troubleshooting use cases related to the detection of cyber incidents.
• Assist team in performing internal tabletop exercises and threat simulations (purple team exercises).

Experience and Qualifications

• A minimum of 2 years hands-on experience in cyber incident response
• Experience using SOC tools such as SIEM, EDR and NDR to detect, investigate, and respond to alerts indicating potential cyber threats.
• Strong verbal and written communication skills to provide email responses to stakeholders regarding recommendations and action steps required to address cyber threats (comfortable & confident communicating at all levels including business partners, leadership and vendors)
• Strong IT knowledge and cyber relevance with cyber threats, trends and technologies.
• Demonstrated ability to support others as part of a team (include examples providing assistance to coworkers on investigations, threat hunting, detection engineering, etc.).

Job 70606