
Senior IT Security Systems Operator

ADGA Group Consultants Inc

Ottawa

On-site

CAD 100,000 - 125,000

Full time

Today


Job summary

A consulting firm in Canada is seeking Senior IT Security Systems Operators to work in a client Security Operations Centre (SOC). Candidates must have at least 10 years of experience in cybersecurity operations, malware reverse engineering and network forensics. Responsibilities include monitoring and responding to cyber threat activity, engineering detection analytics, delivering training, and developing security procedures. A competitive salary and comprehensive benefits are offered. The position is on-site; remote work is not available.

Benefits

Maternity / Parental Top-Up
Reservist Leave Top-Up
Comprehensive health benefits

Qualifications

  • Minimum of 10 years of experience in cybersecurity.
  • Experience performing in-depth binary code analysis in a Windows environment.
  • Skilled in configuring intrusion detection systems and firewalls.

Responsibilities

  • Monitor, analyze, and respond to cyber threat activity.
  • Engineer and implement complex analytics for threat detection.
  • Develop training material and support cyber security programs.

Skills

Technical expertise in cyber security operations
Reverse engineering of malware
Network forensics
Python scripting

Education

SANS Institute Global Information Assurance Certification (GIAC)

Tools

IDA Pro
Ghidra
WinDbg

Job description

ADGA is hiring multiple Senior IT Security Systems Operators to work in a Security Operations Centre (SOC) for our client. The SOC cyber defence services include monitoring, analysis, and response to cyber threat activity, as well as the engineering, integration and operation of a variety of cyber security technologies.

Cyber Defence Services
  • In-depth technical expertise in support of cyber security operations (monitoring, detection, analysis, response)
  • Engineering and implementation of complex analytics for detecting cyber threat activity
  • In-depth technical expertise in cyber threat tactics, techniques and procedures as well as malware reverse‑engineering and cyber forensics
  • Analyze protocols (HTTP, FTP, SMTP, DNS, TLS, S/MIME, IPsec, SSH)
  • Research technical details of cyber attack activity, document findings, and communicate to stakeholders
  • Configure and implement technical IT security safeguards and software and hardware security products on operating systems such as Microsoft Windows and Linux
  • Integrate and automate IT Security systems (e.g., SIEM data ingestion and parsing, shell scripting, web services, APIs)
  • Configure intrusion detection systems, firewalls and content checkers, extract and analyze reports and logs, and respond to security incidents
  • Complete tasks directly supporting the departmental IT Security and Cyber Security Program
  • Develop and deliver training material and supporting documentation
  • Support the triage and remediation tracking of newly disclosed vulnerabilities affecting cloud and on‑premises systems
  • Access and integrate information from monitoring tools and other sources to decipher underlying trends or uncover anomalies and discern obscure patterns and attributes
  • Compile results into reports or analytical products as required
  • Prepare and present analysis in the form of briefings and/or reports
  • Provide subject matter expertise on industry trends and techniques related to forensics, malware analysis, cloud security and advanced hunting

Qualifications: Mandatory
  • A minimum of 10 years of experience performing tasks such as:
    • Review, analyze and/or apply networking protocols (HTTP, FTP, Telnet)
    • Internet security protocols (e.g., SSL/TLS, HTTPS, S/MIME, IPsec, SSH)
    • TCP/IP, UDP, DNS, SMTP
    • Messaging and directory standards such as X.400, X.500 and SMTP
    • Network routers, multiplexers and switches
    • Network hardening (e.g., shell scripting, service identification)
    • Wireless technology
    • Technical threats to and vulnerabilities of networks
    • Technical IT security safeguards
    • IT software and hardware security products
    • Configure operating systems such as Microsoft Windows, Unix, Linux and Novell NetWare
    • Configure IT security management
    • Configure intrusion detection systems, firewalls and content checkers; extract and analyze reports and logs; respond to security incidents
    • Configure / update virus scanners
    • Complete tasks directly supporting the departmental IT Security and Cyber Protection Program
    • Develop and deliver training material
  • Must have one valid SANS Institute Global Information Assurance Certification (GIAC) in good standing from the following focus areas:
    • Cyber Defense
    • Cloud Security
    • Digital Forensics & Incident Response
  • A minimum of 10 years of experience performing cyber incident response; researching and documenting technical details of cyber attack activity, including:
    • Analyzing and characterizing threat activity according to industry standards, attack types and methodologies
    • Identifying, validating and describing technical evidence of impact and progress of attacks through stages of the attack cycle
    • Documenting technical findings in written reports
    • Presenting findings to technical and nontechnical audiences
  • A minimum of 5 years of network forensics experience using data from multiple sources to reconstruct and analyze cyber threat activity, including in-depth analysis of:
    • Raw traffic content (TCP/IP, various application protocols)
    • Network device metadata and firewall/IDS logs
    • Server application authentication and HTTP logs
  • A minimum of 10 years of experience performing in-depth reverse engineering of malware using both static and dynamic analysis techniques to produce actionable intelligence, including creation of YARA rules or technical analytics to describe IOCs
  • A minimum of 10 years of experience performing in-depth binary code analysis within a Windows environment using static disassemblers and debuggers, including analysis of code with anti‑analysis and tamper resistance techniques. Tools may include but are not limited to:
    • IDA Pro
    • Binary Ninja
    • Ghidra
    • WinDbg
    • Immunity Debugger
    • OllyDbg
  • A minimum of 6 years of experience performing end‑to‑end analysis of the cyber intrusion kill chain, including TTPs used in each phase
  • A minimum of 6 years of experience developing custom tools using Python scripting language to support the following tasks:
    • Decoding and parsing network traffic
    • Gathering and analyzing forensic data from endpoints
    • Automating other SOC‑related analysis and duties
  • Experience in post‑detection forensic analysis using all of the following IT security solutions:
    • Antivirus / Endpoint Protection Platform (EPP)
    • Endpoint Detection & Response (EDR)
    • Security Information & Event Management (SIEM)
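The custom Python tooling item above asks for "decoding and parsing network traffic". The following is an added example written for this page, not code from ADGA or its client: a standard-library-only decoder that walks a raw IPv4 packet through its UDP segment to the DNS question, validating lengths and the IPv4 header checksum on the way so that a truncated or corrupted capture is rejected rather than misread. The packet it decodes is constructed inline (RFC 5737 documentation addresses, a made-up query name); the function and field names are this example's own.

```python
"""Decode a raw IPv4/UDP/DNS query from bytes using only the standard library.

Illustrative helper for SOC traffic-parsing tooling; the sample packet is
constructed below, not captured from a live network.
"""
import struct
from typing import Optional


def ipv4_checksum(header: bytes) -> int:
    """RFC 791 one's-complement sum over 16-bit words; returns 0 for a valid header."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def parse_ipv4(pkt: bytes) -> dict:
    """Return header fields and the encapsulated payload; raise ValueError on malformed input."""
    if len(pkt) < 20:
        raise ValueError("truncated IPv4 header")
    vihl, _tos, total_len, _ident, _flags_frag, ttl, proto, _csum, src, dst = struct.unpack(
        "!BBHHHBBH4s4s", pkt[:20]
    )
    ihl = (vihl & 0x0F) * 4
    if vihl >> 4 != 4 or ihl < 20 or total_len < ihl or len(pkt) < total_len:
        raise ValueError("bad version, IHL or total length")
    if ipv4_checksum(pkt[:ihl]) != 0:
        raise ValueError("IPv4 header checksum mismatch")
    return {
        "src": ".".join(map(str, src)),
        "dst": ".".join(map(str, dst)),
        "ttl": ttl,
        "proto": proto,
        "payload": pkt[ihl:total_len],  # options (if any) are skipped via IHL
    }


def parse_udp(seg: bytes) -> dict:
    """Split a UDP segment into ports and payload, trusting the length field only if consistent."""
    if len(seg) < 8:
        raise ValueError("truncated UDP header")
    sport, dport, length, _csum = struct.unpack("!HHHH", seg[:8])
    if length < 8 or length > len(seg):
        raise ValueError("UDP length field inconsistent with segment")
    return {"sport": sport, "dport": dport, "payload": seg[8:length]}


def parse_dns_question(msg: bytes) -> dict:
    """Parse the DNS header and the first question (no name compression expected there)."""
    if len(msg) < 12:
        raise ValueError("truncated DNS header")
    txid, flags, qdcount = struct.unpack("!HHH", msg[:6])
    if qdcount < 1:
        raise ValueError("no question section")
    labels, off = [], 12
    while True:
        if off >= len(msg):
            raise ValueError("truncated question name")
        n = msg[off]
        if n == 0:
            off += 1
            break
        if n & 0xC0 or n > 63:  # 0xC0 marks a compression pointer; labels are at most 63 bytes
            raise ValueError("unexpected compression pointer or oversized label")
        labels.append(msg[off + 1 : off + 1 + n].decode("ascii"))
        off += 1 + n
    if off + 4 > len(msg):
        raise ValueError("truncated QTYPE/QCLASS")
    qtype, qclass = struct.unpack("!HH", msg[off : off + 4])
    return {
        "txid": txid,
        "is_response": bool(flags & 0x8000),
        "qname": ".".join(labels),
        "qtype": qtype,
        "qclass": qclass,
    }


def decode_dns_query(pkt: bytes) -> Optional[dict]:
    """Decode one raw IPv4 packet end to end; None if it is not UDP involving port 53."""
    ip = parse_ipv4(pkt)
    if ip["proto"] != 17:  # not UDP
        return None
    udp = parse_udp(ip["payload"])
    if 53 not in (udp["sport"], udp["dport"]):
        return None
    dns = parse_dns_question(udp["payload"])
    return {"src": ip["src"], "dst": ip["dst"], "sport": udp["sport"], "dport": udp["dport"], **dns}


def build_sample_packet(qname: str = "update.example.net") -> bytes:
    """Constructed sample: 192.0.2.10:40000 -> 192.0.2.53:53, A query with RD set."""
    dns = struct.pack("!HHHHHH", 0x1A2B, 0x0100, 1, 0, 0, 0)  # txid, flags (RD), 1 question
    for label in qname.split("."):
        dns += bytes([len(label)]) + label.encode("ascii")
    dns += b"\x00" + struct.pack("!HH", 1, 1)  # root terminator, QTYPE A, QCLASS IN
    udp = struct.pack("!HHHH", 40000, 53, 8 + len(dns), 0) + dns  # UDP checksum 0 = omitted (legal over IPv4)
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0x1234, 0x4000, 64, 17, 0,
                      bytes([192, 0, 2, 10]), bytes([192, 0, 2, 53]))
    hdr = hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:]  # fill in the header checksum
    return hdr + udp


if __name__ == "__main__":
    print(decode_dns_query(build_sample_packet()))
```

The checksum and length checks are deliberate: a parser that indexes into a packet without first bounding every length field is the kind of tool that silently produces wrong indicators from a damaged capture, and in a SOC those indicators end up in block lists.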

Additional Information
Work‑Life Balance

We strongly support a healthy and productive work‑life balance. This starts with a flexible approach to work and policies designed to support employees through their day‑to‑day routines and major life events. For example we offer a Maternity / Parental Top‑Up (up to 52 weeks) and a Reservist Leave Top‑Up (up to 180 days).

Diversity, Equity & Inclusion (DEI)

ADGA continuously strives to integrate advanced DEI approaches and practices into our work culture. Our employee‑based DEI Committee explores activities and invites discussions that foster an environment where all employees feel valued, respected and heard.

Compensation

In addition to a competitive base salary, ADGA has a company‑wide profit‑sharing plan for all full‑time and part‑time employees.

Comprehensive Benefits and Total Rewards

We offer a comprehensive benefit program providing employees with the choice between base or enhanced plans. Depending on the plan, ADGA pays for health & dental, a Health Spending Account, short‑term disability, an Employee Assistance Program, and a Telemedicine service. Also offered are discounts on gym memberships, $5,000 perks through Perkoplis, a Deferred Profit Sharing Plan, and access to a wide range of other employee‑centric services and savings programs.

Remote Work: No

Employment Type: Contract


Vacancy: 1
