Senior CSIRT Analyst
Winnipeg, Manitoba, CA
4d ago

Purpose of Role

As part of the Keyloop Information Security team, the Senior Cyber Security Incident Response (CSIRT) Analyst will work in a team monitoring, detecting, and responding to threats to the Corporate IT, Data Centre and Cloud estate.

Joining the team at a key time, you will play an integral role in helping to develop and shape its operational security capabilities.

This position would suit someone who has performed a security role within a SOC or CSIRT capacity.

Role Responsibilities

  • Continuous monitoring of security tooling and responding to alerts and events
  • Performing regular and ad-hoc investigations into potential attacks and vulnerabilities
  • Identification of threat origins and defining appropriate mitigation tactics
  • Coordinating and following up on response activities across infrastructure, application, legal and security teams
  • Incident, event, request and change management associated with security-related threats
  • Maintaining centralised logging and reporting of incidents, events, and changes
  • Ad hoc involvement in administration, maintenance, and management of security tools

Skills / Knowledge & Experience

  • Bachelor’s degree in Computer Systems Engineering, Computer Science or related
  • SOC, CSIRT or CERT operational environment experience
  • Windows / Linux experience
  • TCP / IP networking protocol knowledge
  • Experience reviewing and analysing Security Events from various monitoring and logging sources
  • Experience in website and web application security assessment or penetration testing
  • Experience of using Splunk
  • Experience of ITSM practices such as ITIL
  • Scripting knowledge using BASH, Python, Perl, Ruby
  • Skills in Host and Network threat investigation & forensics
  • Technical / Professional qualification
  • At least 5 years’ commercial experience within a similar role
  • Understanding of security protocols and related technologies such as HTTPS, TLS, SSL, SSH, PKI, IPSEC, VPN
  • Understanding of Cloud and / or SaaS
  • Ability to run and configure security testing tools and analyse the results.
  • Experience of security monitoring and Security Operation Centre (SOC) tools
  • The following certifications / qualifications are desirable: SANS Courses / Qualifications (GCIH, GCTI); CISSP / CISM; CREST certification; CySA+; Certified Ethical Hacker (CEH); CCNA or other Cisco Qualifications

Location: Winnipeg, Manitoba