Investigator, Cyber Security Operations Centre

Putting people first, every day

BDO is a firm built on a foundation of positive relationships with our people and our clients. Each day, our professionals provide exceptional service, helping clients with advice and insight they can trust.

In turn, we offer an award-winning environment that fosters a with a high priority on your personal and professional growth.

Your Opportunity

BDO Digital is seeking an experienced Consultant or Senior Consultant to join our Cyber Security Operations Investigation team.

You will contribute your investigative skills and experience within our award winning Microsoft managed detection and response services for our clients on a continuous basis.

As a SOC investigator, you will have the opportunity to work within a culture that is highly collaborative, supportive, and offers an opportunity to help grow your career within the cyber security field.

If you are passionate about security operations, threat intelligence, analytics, and incident response, and are looking for a challenging and rewarding career, this is the right opportunity for you.

As an Investigator within our Cyber Security Operations Centre, your responsibilities will include :

Responding to escalated incidents from our Microsoft Sentinel clients

Providing contribution across the entire investigative lifecycle or an incident

Interacting with clients on investigations collaborating with them through to completion

Identifying quality issues across all SOC processes in order to improve our quality to clients

Maintaining awareness of contemporary, prevailing cyber threats and their impacts to security

Being proactive in sustaining SOC activities by supporting and executing security engineering tasks

Maintaining extensive awareness of Microsoft and other related security technologies

Participating in morning or evening shift work.

How do we define success for your role?

You demonstrate BDO's core values through all aspect of your work : Integrity, Respect and Collaboration

You understand your client’s industry, challenges, and opportunities; clients describe you as positive, professional, and delivering high-quality work

You understand and demonstrate proven success participating in the cyber operations team effectively

You are focused on effective service delivery to your clients

You share in an inclusive and engaging work environment that respects everyone

You actively support the adoption of new digital tools and innovation

You grow your expertise through learning and professional development

Your experience and education

Required :

Degree or Diploma in cybersecurity, IT or related area

2 to 6 of years experience investigating incidents within a security operations centre

Knowledge and experience with next generation security operations to include Sentinel, contemporary EDRs

Knowledge of familiarity with SIEM, EDR, IDS / IPS, Active Directory, VM and other related solutions

Strong client communication skills to include verbal and written communication

Proven ability to understand and deliver on agreed upon service levels

Knowledge of security threats and common vulnerabilities for legacy and Cloud environments

Strong knowledge of cyber security frameworks and industry recognized security frameworks

Fostering critical thinking within robust security processes and response deadlines

Understanding the role of intelligence, vulnerabilities and hunting within the overall security process

Experience coding in Python or similar languages

Experience with query language methods (e.g. SQL, KQL)

Constantly asking : Has the situation changed?

Preferred :

Related cyber experience in risk, architecture, engineering or other related areas

Certification(s) Preferred :

One or more of the following :

Certified Information Systems Security Professional (CISSP)

Certified Cloud Security Professional (CCSP)

Certified Information Systems Auditor (CISA)

Certified Information Security Manager (CISM)

Cloud certifications such as Azure Fundamentals, Azure Security Engineer, AWS Technical Essentials

Microsoft SC-200