Information Security Analyst

Degree/Certifications Required: Bachelor’s Degree in Computer Science/Information Security or similar discipline is preferred.
Years of experience: 5 years
Reason for request/why opened: Short term leave
Interaction with Stakeholders: 25%
Project Scope: BAU support
Team Size: 12 people
Selling Points of Position: Working within a leading FI organization

Minimum 5 years of information security experience, preferably engineering or development.

• Define, develop and/or implement detection strategies, analyze security data, and create monitoring use cases to ensure timely responses to potential threats.
• Enhance organization’s ability to detect and respond to security breaches.
• Develop advanced detection logics and algorithms to efficiently spot and alert on suspicious activity or potential threats.
• Perform detection gap assessments to ensure coverage across identity, network, endpoint, cloud, and application layers.
• Align with CSOC, CSIRT, threat hunting, threat intelligence, red team, risk management, etc., to build a threat-informed defense system.
• Participate in incident support and/or projects to provide reporting, data analysis, and assessments.
• Develop security monitoring rules/use cases on SIEM platforms (Splunk, Azure Sentinel, Logscale).
• Identify cyber threats, anomalies, and risks from security-relevant data (e.g., login/logoff events, persistent outbound data transfers, firewall allows/denies, etc.).
• Analyze alerts and investigate indicators of compromise (IOCs like file hashes, IP addresses, domains, etc.).
• Research and develop new threat detection use cases based on threat research findings, threat intelligence, analyst feedback, and available log data.
• Perform activities within the content life cycle, including creating new use cases, testing content, tuning, and maintaining associated documentation.
• Work with other security functions and product SMEs to identify gaps within existing analytical capabilities.
• Participate in root cause analysis on security incidents and provide recommendations for remediation.
• Act as the liaison to business units to fulfill audit, regulatory compliance, and corporate security policy requirements.
• Create and maintain documentation for detection processes.
• Continuously improve detection capabilities based on emerging threats.

• Experience in SIEM content development (Splunk, Azure Sentinel, Logscale, or similar SIEM platform).
• Understanding of various log formats and source data for SIEM analysis.
• Minimum 5 years of information security experience, preferably engineering or development.
• Ability to effectively communicate with anyone, from end users to senior leadership – facilitating technical and non-technical communication.
• Strong incident handling/incident response/security analytics skills.
• Deep understanding of technical concepts including networking and various cyber-attacks.
• Solid background with Windows and Linux platforms (security or system administration).

Job ID: 13166
Contract Duration: 6 months
Location: Toronto