Auckland Jobs |
Canterbury Jobs |
Northland Jobs |
Otago Jobs |
Southland Jobs |
Tasman Jobs |
Wellington Jobs |
West Coast Jobs |
Auckland Jobs |
Canterbury Jobs |
Northland Jobs |
Otago Jobs |
Southland Jobs |
Tasman Jobs |
Wellington Jobs |
West Coast Jobs |
Oil & Gas Jobs |
Banking Jobs |
Construction Jobs |
Top Management Jobs |
IT - Software Jobs |
Medical Healthcare Jobs |
Purchase / Logistics Jobs |
Sales |
Ajax Jobs |
Designing Jobs |
ASP .NET Jobs |
Java Jobs |
MySQL Jobs |
Sap hr Jobs |
Software Testing Jobs |
Html Jobs |
Job Location | Waterloo, ON |
Education | Not Mentioned |
Salary | Not Disclosed |
Industry | Not Mentioned |
Functional Area | Not Mentioned |
Job Type | Full Time |
Worker Sub-Type:RegularPosition SummaryThe SOC analyst is responsible for activities relating to monitoring and responding to security events. The SOC analyst receives, researches, triages and documents all security events and alerts as they are received. This individual supports multiple security-related platforms and technologies, interfacing with others within the IT organization, as well as other internal business units and external customers/partners. Events will be generated from endpoints, networks, security information and event management (SIEM) systems, threat intelligence platforms, employees, third-parties and other sources. The SOC analyst also is expected to hunt for potential compromise across the infrastructure.The SOC analyst reports to the SOC manager and is an involved member of the SOC team. This role must display an in-depth understanding of new trends and technologies related to IT security and compliance, and contribute to the company IT security strategy and roadmap.Essential Job DutiesAs an active member of the team, monitor and process response for security events on a shift basis.Plan and execute regular incident response and postmortem exercises, with a focus on creating measurable benchmarks to show progress (or deficiencies requiring additional attention).Stay current with and remain knowledgeable about new threats. Analyze attacker tactics, techniques and procedures (TTPs) from security events across a large heterogeneous network of security devices and end-user systems.Participate in threat modeling collaboration with other members of the security team.Leverage automation and orchestration solutions to automate repetitive tasks.Assist with incident response as events are escalated, including triage, remediation and documentation.Aid in threat and vulnerability research across event data collected by systems.Investigate and document events to aid incident responders, managers and other SOC team members on security issues and the emergence of new threats.Work alongside other security team members to hunt for and identify security issues generated from the network, including third-party relationships.Share information as directed with other team members.Seek opportunities to drive efficiencies.Manage security event investigations, partnering with other departments (e.g., IT) as needed.Evaluate SOC policies and procedures, and recommend updates to management as appropriate.Adhere to service level agreements (SLAs), metrics and business scorecard obligations for ticket handling of security incidents and events.Partner with the security engineering team to improve tool usage and workflow, as well as with the advanced threats and assessment team to mature monitoring and response capabilities.Leverage knowledge in multiple security disciplines, such as Windows, Unix, Linux, data loss prevention (DLP), endpoint controls, databases, wireless security and data networking, to offer global solutions for a complex heterogeneous environment.Maintain working knowledge of advanced threat detection as the industry evolves.Perform other duties as assigned.Skills and Experience1 -3 years of information security monitoring and response or related experience.Experience working in a shift operational environment, with geographic disparity preferred.Experience driving measurable improvement in monitoring and response capabilities at scale.Experience working with SIEM systems, threat intelligence platforms, security automation and orchestration solutions, intrusion detection and prevention systems (IDS/IPS), file integrity monitoring (FIM), DLP and other network and system monitoring tools.Knowledge of a variety of Internet protocols.Track record of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating effectively.Additional QualificationsDemonstrates highly effective communications skills, with ability to influence business units.Has an analytical and problem-solving mindset.Is highly organized and efficient.Leverages strategic and tactical thinking.Works calmly under pressure and with tight deadlines.Demonstrates effective decision-making skills.Is highly trustworthy; leads by example.Educational RequirementsBachelor’s degree (B.A/B.S) or 3–year diploma in Engineering Computer Science or Technology related field.Certification RequirementsSecurity+, SANS GCIH or GCIA; CISSP a plus.Job Family Group Name:Information TechnologyScheduled Weekly Hours:40Quick Apply