Our Client, a Banking company, is looking for an Info Security Analyst II for their Toronto, ON / Hybrid location.
Responsibilities:
- The candidate should continue to advance their knowledge, skills, and abilities in all cybersecurity domains (Incident Response, Forensics, Offensive cybersecurity, Cybersecurity intelligence, and cybersecurity risk management).
- Able to complete hands-on-keys L1 and L2 responsibilities when necessary.
- Possesses the ability to mentor and guide junior analysts through completing L1 and L2 investigations.
- Has a solid foundation, knowledge, skills, and technical ability to investigate cybersecurity events, tune requirements for the Client cybersecurity control plane, and debug alerts to evaluate legitimacy and accuracy.
- Oversee shift operations and ensure 24x7x365 operational coverage is met, managing conflicts with meetings, breaks, and other engagements.
- Distribute workload among shift members to ensure quality and accuracy of investigations, priority, and adherence to SLO/SLAs.
- Ensure SLAs for event investigations are not breached, and escalate to CSOC Senior Leaders any alerts or investigations that are subject to SLA breach as per procedure.
- Perform peer reviews on closed L1 alerts and closed L2 investigations.
- Consult with L3 and Fusion Incident Management to provide shift resources for open or ongoing investigations for L3 events and open incidents.
- Manage regional shift handovers, ensuring the starting shift/region has everything needed to pick up open cases and drive to closure.
- Lead the shift transfer process, act as a liaison between shifts, other teams, CSOC Senior Leaders, and CSOC Senior Managers, communicating concerns and relaying information.
- Deliver communications for process/workflow changes or updates and monitor their effective execution.
- Assist with scheduling, assuring coverage, and reporting team members' absence (sick, emergency, etc.) to management 24/7.
- Utilize QA Daily, Incidents, and L1/L2 dashboards to manage event handling.
- Attend Fusion situational calls.
Requirements:
- 3+ years of practical or relevant experience and knowledge of IT security and Incident Management practices across multiple domains.
- Moderate to strong hands-on experience in modern Operating Systems (Windows/*NIX/Cloud/Mobile).
- Strong hands-on experience with incident response detection tools such as SIEM, EDR, XDR, Firewall, WAF, email proxies, NIDS, and equivalents.
- Strong knowledge of organizational, technological controls, cybersecurity, and risk assessment issues.
- Experience working with Azure, Defender, Sentinel.
- Strong leadership and people-building skills within IT and Cybersecurity.
- Ability to participate in complex, comprehensive, or large projects and initiatives.
- Ability to serve as a lead expert resource in technology controls and information security for project teams, the business, organization, and outside vendors.
Why Should You Apply?
- Health Benefits
- Referral Program
- Excellent growth and advancement opportunities
As an equal opportunity employer, ICONMA provides an employment environment that supports and encourages the abilities of all persons without regard to race, color, religion, gender, sexual orientation, gender identity or expression, ethnicity, national origin, age, disability status, political affiliation, genetics, marital status, protected veteran status, or any other characteristic protected by federal, state, or local laws.