Our client is currently seeking qualified Cyber Security Analysts in the Mississauga area to support a fast-paced 24x7x365 Security Operations Center (SOC). As such, all candidates must be open to supporting shift work.
Join a team to play a big part in thwarting cyber-attacks. We are seeking Cyber Defense Analysts who are smart, curious, and passionate about finding and investigating cybersecurity anomalies. This multi-faceted role involves working with leading technologies in IT and cybersecurity and requires a candidate to apply their experience and continued personal development. For someone with a passion for cyber security, this role encourages you to focus your time into staying up to date with the latest techniques, tactics, and procedures; threat actors; and campaigns while helping our clients remediate threats to their data.
Responsibilities:
- Provide analysis support within a 24x7x365 Security Operations Center.
- Support with host and network analysis to determine compromise extent and provide mitigation support on compromised systems.
- Validate and confirm critical security events and assess impact of the event.
- Research and maintain information on current security threats and apply that knowledge to the security capability.
- Author intrusion detection signatures as well as other detection mechanisms and coordinate with Security Engineering to implement.
- Collect information from digital devices as part of legal investigations. Create and report on program tasks.
- Interface with the intelligence community in order to better develop and identify malicious activities and events that connect over time to form a pattern of attack.
- Recover data like documents, photos and e-mails from computer hard drives and other data storage devices that have been deleted, damaged or otherwise manipulated.
- Find evidence of illegal activity involving cybercrime offenses and examine computers that may have been involved in other types of crime.
- Use expertise to protect computers from infiltration, determine how a computer was broken into, or recover lost files.
- Use forensic tools and investigative methods to find specific electronic data, including Internet use history, word processing documents, images and other files.
- Automate workflow processes via scripting with Python or similar.
- Work with the Cyber Threat Intel Team and maintain threat indicator feeds.
- Build and maintain client and stakeholder relationships.
- Formulate and enforce work standards.
- Complete projects/deliverables on time and with quality.
Qualifications:
- Seeking candidates with at least one year of experience within a SOC or supporting a cyber incident response team.
- Bachelor’s Degree in Cybersecurity, Information, or a Computer-related field is strongly desired.
- Experience demonstrating strong analytical, troubleshooting and problem-solving skills for security information and event management.
- Excellent communication skills, both written and oral.
- Operational knowledge of vulnerability assessment technologies, including vulnerability assessment tools, wireless network detection, and non-signature-based discovery and case handling tools.
- Experience with the following technologies:
  - Intrusion Detection and Prevention Systems (IDS/IPS).
  - Monitoring network security events in an Enterprise Environment.
  - Producing security event reports for management.
  - Producing security metric reports for management.
  - Security Information and Event Management (SIEM) systems.
- One or more of the following certifications are desired:
  - GIAC Certified Intrusion Analyst (GCIA)
  - GIAC Certified Incident Handler (GCIH)
  - Certified Forensic Computer Examiner (CFCE)
  - Certified Hacking Forensic Investigator (CHFI)
  - CompTIA Cybersecurity Analyst (CySA+)
  - Certified Ethical Hacker (CEH)