Senior Security Monitoring Specialist to support intrusion detection and response within a Security Operations Center (SOC) environment
S.i. Systems
5d ago

Our valued financial client is seeking a Senior Security Monitoring Specialist for an initial 1-year contract in Ottawa, ON (100% remote), with an optional extension of 2 years.

As the successful candidate you will work within the client's security operations centre and review security incidents (using Splunk and similar tools) to determine their severity and draft reports detailing the activity.

Responsibilities :

  • Analyze host-based indicators of compromise or network traffic to assist in generating new attack signatures
  • Analyze log, forensic, malware or other related data, as needed
  • Respond to computer security incidents and perform threat analyses
  • Review and rate the risk of newly announced software and vulnerabilities to the operating system, as they apply to client's systems and infrastructure;
  • follow internal policies and standards as well as industry best practices to do so

  • Perform detailed technical analyses of electronic threats, including malware, viruses and other Internet-based attacks
  • Work with industry organizations, business partners and technology teams to assist in developing cyber security defensive techniques and best practices
  • Provide support for systems within area of expertise
  • Must-Have Skills

  • 5+ years’ experience within the field of IT and technology security, with a concentration on information security at the enterprise level
  • Demonstrated experience supporting intrusion detection or digital forensics and incident response (DFIR) within a security operations centre (SOC) environment
  • Demonstrated experience utilizing a common SIEM tool (e.g. Splunk, QRadar, Solarwinds, LogRhythm, etc.) for security monitoring
  • Demonstrated understanding and in-depth knowledge of operating systems(Windows, Red Hat Enterprise Linux, Solaris)
  • Demonstrated in-depth understanding of NVD / NIST terms and concepts (SCAP, CVE, CVSS, etc.)
  • Demonstrated ability in analyzing and quantifying computer security risks for vulnerabilities and incidents
  • Demonstrated knowledge of logging, network and system forensic investigation techniques , including proficiency in malware triage and reverse engineering
  • Demonstrated in-depth understanding of network protocols, TCP / IP fundamentals, detection systems and security event analysis and correlation
  • Demonstrated in-depth understanding of enterprise systems and infrastructure, network-based services and client / server applications
  • Nice-to-Have Skills

  • Demonstrated familiarity with host-based investigation tools
  • Demonstrated experience in analyzing security events using event aggregation and correlation systems
  • Demonstrated experience in programming / scripting languages
  • Demonstrated knowledge of IS security controls, technologies, guidelines, and best practices
  • Demonstrated ability to document and explain technical details clearly and concisely to audiences at all levels of an organization
  • Relevant cyber security certifications (CISSP, GIAC)
  • Demonstrated experience performing threat hunting or detection engineering
  • Bilingualism (English / French)
  • Report this job

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    My Email
    By clicking on "Continue", I give neuvoo consent to process my data and to send me email alerts, as detailed in neuvoo's Privacy Policy . I may withdraw my consent or unsubscribe at any time.
    Application form