Senior Security Analyst with Vulnerability / Risk Assessment experience to develop security content and Data Loss Prevention rules / controls with one of our major banking clients-
Location Address : Scarborough Hybrid : 2 days / week in office (there is some flexibility to WFH if preferred), but this may change to 4 times / week strong preference for candidates in GTA
Contract Duration : 1 year (Possibility of extension & conversion to FTE)
Schedule Hours : Monday-Friday, 9am-5pm, 37.5 Hours Per Week
Story Behind the Need
- Business group : Cyber Automation .
- Project : Reporting to the Senior Manager, Security Content Development, the Specialist, will work as part of Cyber Automation & Defense (CAD) team and will be responsible for identifying security exposures in the organization and advise on appropriate compensating controls.
The Specialist will be required to work with other technology and security teams to develop security content and Data Loss Prevention rules / controls detect and alert for security events.
Typical Day in Role :
- Works as part of Cyber Automation & Defense (CAD) team and will be responsible for identifying security exposures in the organization’s network and advise on appropriate compensating controls.
- Works with other technology and security teams to develop use cases and implement controls needed to close exposures. The intent of the use cases is to detect and alert for security events.
- Development of Data Loss Prevention rules and policies
- Thrives in a fast-paced environment coordinating multiple issues and threats that can be occurring simultaneously
- Solutions for multiple security domains (Security Management, Security Engineering, Identity and Access Management, etc.).
- Works on different types of projects (from large complex to simple)
- Collaborates with various business lines, IT support functions and IS&C Control function
- Analyze security exposures and identify the remedial and compensating factors in the organization’s network.
- Advise on appropriate implementation of compensating controls including priority and success criteria.
- Work with other technology and security teams to implement controls needed to close exposures.
Must Have Skills :
- 8+ years’ experience of Data Loss Prevention methodologies, rule and policy creation, DLP incident investigation
- 8+ years’ combined experience involving Vulnerability Assessment, Risk assessment, Security Operations Centre (SOC)
- 2+ years of hands-on technical working experience in management of security threats and cybersecurity use case development based on MITRE Framework
- 2 years technical writing and documentation experience
- Knowledge of Cloud computing, XDR & EDR
Nice-To-Have Skills :
- Experience in Reporting and Documentation
- Bilingual in Spanish is an asset
- Experience conducting security research
Education :
- Post-secondary education in Computer Science or in a related field
- Certifications (CISSP, CISM, CCSP, CRISC) are nice to have
Best VS. Average Candidate :
Ideal candidate has experience merging all the requirement : developing security use cases, DLP rules and policy creation management to detect security events and has the right working attitude
Candidate Review & Selection
- 1st round MS Teams video panel interview - HM and 2 team members (45 minutes)
- 2nd round MS Teams video - Director (30 minutes)