Cyber security Jobs in King City, ON

Job Description :

• Receive escalation from L1 / L2 SOC analyst to determine increased risk to the business.
• Review log data against security technology rules and filters to propose further improvements to threat detection.
• Coordinate with SIEM Engineers to tune events, improve event correlation, performance, and alerts.
• Develop, create and maintain incident response playbooks.
• This includes identifying areas of potential improvement by reviewing redundant tasks, security incidents and providing task automation suggestions.
• Perform log analysis from multiple data sources to analyze technical data, extracting Tactics, Techniques, Procedures (TTP) and malware attributes.
• Provide support in the analysis of critical events and security tickets to evaluate the effectiveness and efficiency of the incident management process and develop any necessary improvement plans.
• Maintain up-to-date understanding of security threats, countermeasures, security tools and Cloud Security and SaaS technologies.
• Experience tracking incidents against a framework such as SANS and MITRE Telecommunication&CK.
• Provide technical and thought leadership within SOC by teaching other SOC Analysts about both traditional and unconventional ways to detect, analyze, and mitigate security incidents.
• Act as Subject Matter Expert (SME) trainer for analyst functions, providing support on plus involved cases and guiding the activity of other T1 / T2 analysts through collaboration.
• Act as the lead coordinator for the Incident Response function and as designated lead on customer on-boarding projects to ensure a successful transition to SOC for security monitoring services.
• Highly technical with at least 5 to 7 years of relevant experience as an analyst in Cyber, IT Security or a SOC.
• Any industry relevant(s) certifications such as CISSP, CISM, SANS, CISA, CompTIA Security+ or CompTIA CySA+, GIAC is required.
• Hands-on experience with Microsoft Sentinel or other SIEM and SOAR technologies, creating and running queries, and performing analytics examination of logs and console events.
• Hands-on experience with Microsoft Defender Endpoint, CSPM / CWP or any similar vendor technologies, ability to understand vulnerabilities with insights from industry-leading security research and provide recommendation to external clients.
• Experience with Malware Analysis and reverse engineering through static or dynamic analysis.
• Experience and demonstrated success in business development activities, including research and analysis, processes development / improvement, proposal writing etc.
• Experience evaluating the design and operating effectiveness of various control frameworks and standards, including understanding process level risks, technology risks, assessing the adequacy of mitigating controls and providing opportunities for enhancement.
• Experience in enterprise asset lifecycle management, with a strong understanding of relating security operations such as patch management, vulnerability management, security architecture, and endpoint management.
• Experience and / or strong understanding of cloud transformation, cloud architecture, and cloud security operations.
• Experience leading and / or managing complex projects.
• Effectively communicate and present strategies, solutions, insights, and reports to a mix of stakeholders at various levels.
• Strong communication skills, effectively presenting strategies, solutions, and insights to stakeholders.
• Leadership role experience, providing mentorship and knowledge sharing to the team and junior / intermediate analysts.