Senior Cybersecurity Analyst – Incident Response

About the position:

We are looking for an experienced cybersecurity incident responder who can manage incidents at the Tier 3 level and who is experienced in investigating cybersecurity incidents using incident response tools. The Cybersecurity Analyst – Incident Response role will also support internal fraud and financial crime investigations where there is a cyber element. This position has an on-call rotation element to provide prompt response and mitigate impact 24/7.

The candidate will have experience with Information Technology and a solid knowledge of Cybersecurity principles.

The role is part of the Cybersecurity Operations team and will be primarily based out of our Markham office.

Location: GTA, Hybrid - 3 Days Onsite

What you’ll do:

  • Take ownership of incident response activities and create summary reports for management and other internal stakeholders
  • Analyze escalated cybersecurity alerts from managed service providers to determine impact, select the most effective containment and remediation activities, and ensure appropriate recovery takes place
  • Maintain effectiveness of incident response tools, including EDR, SIEM, and SOAR, by identifying enhancement opportunities in configuration and alerting rules while practicing and improving practical skills
  • Conduct detailed technical investigation of cybersecurity incident root causes including threat vector, technique and tactics
  • Be diligent throughout shift and when on call to quickly respond to cybersecurity alerts and be available for time-sensitive responses
  • Work with key internal teams from Information Security, Privacy Office, and Financial Crime Teams to support other investigations where there is a cyber element
  • Adapt to a fast-paced environment

What you’ll bring

  • At least 5 years of experience directly working in cybersecurity incident response, preferably in a large financial services institution
  • Strong incident response technical skills, knowledge of network protocols and network communication principles, understanding of vulnerabilities and remediation techniques
  • Demonstrated ability to analyze cybersecurity alerts to determine business impact and select containment and remediation activities that ensure appropriate recovery
  • Maintain effectiveness of incident response tools, including EDR, SIEM, and SOAR, by identifying enhancement opportunities in configuration and alerting rules while practicing and improving practical skills
  • Conduct detailed technical investigation of cybersecurity incidents and identify root causes including threat vector, technique and tactics
  • Demonstrated ability to establish effective working relationships and collaborative work approaches with both internal and external peers
  • Obtained or pursuing a recognized cybersecurity incident response or related certification, such as CISCP, OSCP, CIH, CHFI etc.
  • Experience reviewing, analyzing, discussing, explaining, and reporting cyber threats and results
  • Strong interpersonal and communication skills, ability to respond to multiple incidents simultaneously and in a prioritized manner
  • Preferred candidates will also have experience in threat hunting OR threat intelligence OR forensics, in addition to cybersecurity incident response

Education & Certification

  • University Degree in Computer Science or Computer Engineering would be an asset
  • Insurance industry specific background would be an asset
  • Certifications in Cybersecurity Incident Response