Degree/Certifications Required: Bachelor’s Degree in Computer Science/Information Security or similar discipline is preferred.
Years of experience: 5 years
Reason for request/why opened: Short term leave
Interaction with Stakeholders: 25%
Project Scope: BAU support
Team Size: 12 people
Selling Points of Position: Working within a leading FI organization
Minimum 5 years of information security experience, preferably engineering or development.
• Define, develop and/or implement detection strategies, analyze security data, and create monitoring use cases to ensure timely responses to potential threats.
• Enhance organization’s ability to detect and respond to security breaches.
• Develop advanced detection logic and algorithms to efficiently spot and alert on suspicious activity or potential threats.
• Perform detection gap assessments to ensure coverage across identity, network, endpoint, cloud, and application layers.
• Align with CSOC, CSIRT, threat hunting, threat intelligence, red team, risk management, etc., to build a threat-informed defense system.
• Participate in incident support and/or projects to provide reporting, data analysis, and assessments.
• Develop security monitoring rules/use cases on SIEM platforms (Splunk, Azure Sentinel, Logscale).
• Identify cyber threats, anomalies, and risks from security-relevant data (e.g., login/logoff events, persistent outbound data transfers, firewall allows/denies, etc.).
• Analyze alerts and investigate indicators of compromise (IOCs like file hashes, IP addresses, domains, etc.).
• Research and develop new threat detection use cases based on threat research findings, threat intelligence, analyst feedback, and available log data.
• Perform activities within the content life cycle, including creating new use cases, testing content, tuning, and maintaining associated documentation.
• Work with other security functions and product SMEs to identify gaps within existing analytical capabilities.
• Participate in root cause analysis on security incidents and provide recommendations for remediation.
• Act as the liaison to business units to fulfill audit, regulatory compliance, and corporate security policy requirements.
• Create and maintain documentation for detection processes.
• Continuously improve detection capabilities based on emerging threats.
• Experience in SIEM content development (Splunk, Azure Sentinel, Logscale, or similar SIEM platform).
• Understanding of various log formats and source data for SIEM analysis.
• Ability to effectively communicate with anyone, from end users to senior leadership – facilitating technical and non-technical communication.
• Strong incident handling/incident response/security analytics skills.
• Deep understanding of technical concepts including networking and various cyber-attacks.
• Solid background with Windows and Linux platforms (security or system administration).
Job ID: 13166
Contract Duration: 6 months
Location: Toronto