Cybersecurity Incident Response Analyst

Join to apply for the Cybersecurity Incident Response Analyst role at Aviva Canada.

Get AI-powered advice on this job and more exclusive features.

Individually we are people, but together we are Aviva. Our Values—Care, Commitment, Community, and Confidence—guide us.

We are seeking an experienced cybersecurity incident responder capable of managing Tier 3 incidents and investigating cybersecurity incidents using incident response tools. This role also supports internal fraud and financial crime investigations with a cyber component. The position involves an on-call rotation to ensure prompt response and mitigate impact, operating 24/7.

The candidate should have experience with Information Technology and a solid understanding of Cybersecurity principles.

This role is part of Aviva’s Canada Cybersecurity Operations team, primarily based in our Markham office.

1. Take ownership of incident response activities and create summary reports for management and internal stakeholders.
2. Analyze advanced cybersecurity alerts from managed service providers to determine impact, select containment and remediation actions, and ensure recovery.
3. Maintain and enhance incident response tools such as EDR, SIEM, and SOAR by optimizing configurations and alerting rules.
4. Conduct detailed technical investigations of cybersecurity incidents, identifying root causes, threat vectors, techniques, and tactics.
5. Be diligent during shifts and on-call periods to respond quickly to alerts and handle time-sensitive issues.
6. Collaborate with internal teams including Group CISO, Privacy Office, and Financial Crime Teams to support investigations with a cyber component.
7. Adapt to a fast-paced environment.

1. At least 5 years of direct experience in cybersecurity incident response, preferably in a large financial services organization.
2. Strong technical skills in incident response, knowledge of network protocols, vulnerabilities, and remediation techniques.
3. Ability to analyze alerts for business impact and determine appropriate containment, remediation, and recovery actions.
4. Experience with incident response tools (EDR, SIEM, SOAR) and identifying enhancement opportunities.
5. Ability to conduct detailed investigations into root causes of cybersecurity incidents.
6. Effective collaboration and communication skills, with the ability to handle multiple incidents simultaneously.
7. Relevant cybersecurity certifications such as CISCP, OSCP, CHFI, or similar, obtained or in pursuit.
8. Experience in threat hunting, threat intelligence, or forensics is a plus.

1. A compelling rewards package including salary, annual bonus eligibility, retirement plans, share plans, health benefits, wellness programs, and volunteer opportunities.
2. Opportunities for career development and professional education support.
3. Flexible vacation policy with options to purchase additional days.
4. Employee programs promoting diversity and inclusion.
5. Wellness initiatives supporting physical and mental health.
6. Hybrid work model.

Please note that AI tools may be used in our recruitment process. This position is posted both internally and externally. Aviva Canada provides accommodations for employees with disabilities throughout their employment. Contact your Talent Acquisition Partner for accommodations if needed.

• Seniority level: Mid-Senior level
• Employment type: Full-time
• Job function: Information Technology
• Industry: Insurance