Specialist, Cyber Security - Jobs in Montréal, QC

Job Description

Req Id: 300671At Bell, we do more than build world-class networks, develop innovative services and create original multiplatform media content – we advance how Canadians connect with each other and the world.If you’re ready to bring game-changing ideas to life and join a community that values, professional growth and employee wellness, we want you on the Bell team.Bell is making unmatched investments in our world-leading broadband fibre and wireless networks because we know they’re the backbone of the products and services our customers love. If you’re excited about transforming the way people connect, our Network team is the right place for you.Overview:As a Cyber Security Content developer within the Content Team, a candidate is expected to utilize his/her technical expertise to create detection logic to identify prioritized threats using logs and security telemetry. You will work collaboratively to implement detections that observes system activity and recognizes malicious behavior within multiple SIEM platforms. You would help develop creative and resourceful ways to identify gaps and detect threats while leveraging core OS telemetry such as file system, memory, process, and network. You would collaborate with multiple teams and are expected to make significant contributions to the design and implementation of major development projects.What You Would Do:Build mechanisms that combine multiple detection signals to create higher fidelity threat detections.Develop and/or engineer security detections as code.Analyze the latest attacker techniques and develop approaches to detect them across the company's diverse environments and endpoints.Develop and maintain parsers in connectors to ensure logs are properly organized and normalized.Automation to improve identification and response time and reduce impact of incidents.Work cross functionally to perform proactive Threat Hunting and Purple Teaming.Participate in various meetings such as daily stand-ups, project reports and status calls, etc.Required Skillsets:3+ years of technical experience with one or more SIEM and UEBA platforms (e.g. Splunk, Elastic, ArcSight, QRadar, LogRhythm, etc)Knowledge of at least one scripting language (Python, Perl, Ruby, etc.) as well as regular expressions.Understanding of various security frameworks and/or methodologies (e.g. MITRE ATT&CK, Cyber Kill Chain, Diamond Model, NIST, etc)Experience with the following technologies is highly desirable: Splunk, Apache NiFi, Apache Kafka, Tableau, Cloudera, Elastic Stack (Logstash, Elasticsearch, Kibana)Host level detection with tools such as Auditbeat, Osquery, EDR or SysmonWorking knowledge of GIT, JIRA, Jenkins, Docker, Kafka other Agile CI/CD and Kanban boards.Ability to work independently with minimal direction; self-starter/self-motivated.Bilingualism is an asset (English and French); adequate knowledge of French is required for positions in Quebec.Additional Information:Position Type: ManagementJob Status: Regular - Full TimeJob Location: Montreal || Canada : Ontario : Ottawa || Canada : Ontario : Toronto || Canada : Quebec : MontrealApplication Deadline: 07/06/2021Please apply directly online to be considered for this role. Applications through email will not be accepted.At Bell, we don’t just accept difference - we celebrate it. We’re committed to fostering an inclusive, equitable, and accessible workplace where every team member feels valued, respected, and supported, and has the opportunity to reach their full potential. We welcome and encourage applications from people with disabilities.Accommodations are available on request for candidates taking part in all aspects of the selection process. For a confidential inquiry, simply email your recruiter directly or recruitment@bell.ca to make arrangements. If you have questions regarding accessible employment at Bell please email our Diversity & Inclusion Team at inclusion@bell.ca.Created: Canada, QC, MontrealBell, one of Canada's Top 100 Employers.