Security Incident Response Analyst

We are looking for a Security Incident Response Analyst.

Given the size and scope of our organization, we have the flexibility for this position to be located in the following office locations: Winnipeg, Toronto, London, Calgary, Edmonton, Vancouver.

Canada Life is seeking motivated individuals with a true passion for Cyber Security Incident Response.

• Are you interested in making a difference?
• Are you skilled in incident response and eager to contribute to a dynamic and rapidly evolving field?
• Are you passionate about protecting digital assets and defending against cyber threats?
• Are you looking for an opportunity to work in a world-class cyber detection and incident response security operations capability?

If so, we have an exciting opportunity for you as a Security Incident Response Analyst at Canada Life.

Role Description

The Information Security Event Management Centre (iSEM Centre Global SOC) team reports to the Global Chief Information Security Officer and provides cyber detection, incident response, cyber threat intelligence and engineering and support services on behalf of the Global Enterprise.

Accountabilities:

• Incident Response Document Management
• Threat Hunting
• Security Incident Response

What You Will Do

As a Security Incident Response Analyst, you will be part of a team that:

• Conduct post-incident analysis to identify areas for improvement and implement lessons learned.
• Conduct live forensic analysis and gather evidence to support incident investigations.
• Prepare material and lead security incident tabletop sessions.
• Prepare incident response reports and documentation for management and stakeholders.
• Responds to cyber security incidents promptly, effectively, and efficiently.
• Stay up to date with the latest cyber threats, attack vectors, and industry best practices.
• Monitor security systems, logs, and alerts to identify potential security breaches.
• Investigate security incidents, assess the impact, and determine the root cause.
• Assist in the development, and enhancement of incident response tools and technologies.
• Collaborate with cross-functional teams to identify and perform threat hunt activities.
• Develop, implement, and maintain incident response playbooks and procedures to mitigate risks.

Your highly detail-oriented analytic skills, technical knowledge and attention to detail will serve you well as you defend the enterprise from cyber threat actors.

Other accountabilities of this role include security reporting, analyzing threat intelligence and attending Critical Incident Response Team (CIRT) meetings. The Security Incident Response Analyst reports to the Director of Security Operations and will work under the Manager of Detection and Incident Response for the iSEM Centre. The Security Operation Centre is located in Winnipeg but this role is open to potential remote staffing.

What You Will Bring

Mandatory

• Experience in doing triage, investigation and remediation of security events received via tools such as SIEM, IPS, IDS, EDR, etc.
• Knowledge of network protocols (e.g., IPv4/IPv6/TCP/UDP/DNS/HTTP)
• Ability to read and interpret network diagrams and packet captures
• Experience with Incident Management systems (e.g., ServiceNow, Jira)
• Ability to effectively manage change and stress
• Certificate or degree from an accredited college or university
• Minimum of two years’ experience working in Security Operations Centre
• Ability to multi-task
• Knowledge of major operating systems (e.g., Windows, AIX, Linux)
• Demonstrated ability to set goals and deliver results
• Extensive knowledge of security technologies (e.g., SIEM, IDS/IPS, EDR, Firewalls)
• Highly motivated and detailed oriented
• Demonstrated teamwork skills
• Excellent verbal and written communicator
• SANS GIAC Certification
• Experience with programming languages (e.g., Python, PowerShell, Perl, C/C++)

Desirable

• Experience with writing or developing procedures and processes
• Experience with problem, incident and change management response
• Desired designations/certifications/licenses could include, SANS GCFA, GCIH, GCFE, GNFA, GREM, GCCC, Advanced Incident Handling – Carnegie Mellon, Security +, Network +
• Experience as a SOC analyst
• Two or more years of direct experience in Security Incident Response, including some of: threat management, vulnerability assessment, monitoring and investigations
• Experience with scripting and coding (e.g. Python, Power Shell, Perl, VBA)
• Experience with SIEM products
• Completed, working towards or willing to attain Information Security Certifications (e.g. CISSP, Network +, Security +, SANS GCIA and GCIH)
• Familiar with ITIL processes

We offer a challenging, team-oriented work environment. Competitive income benefits. Opportunities for professional/personal development and growth through world class training.

Be your best at Great-West Lifeco and Canada Life - Apply today!

Great-West Lifeco Inc. is a leading international financial services holding company headquartered in Canada with interests in life insurance, health insurance, retirement and investment services, asset management, and reinsurance businesses. It operates in Canada, the United States, and Europe under the brands: Canada Life, Canada Life Germany, Canada Life UK, Canada Life Reinsurance, Empower Retirement, Putnam Investments and Irish Life.

In Canada, Great-West Lifeco operates under the Canada Life brand, offering a broad portfolio of financial and benefit plan solutions and serves the financial security needs of more than 12 million customers. Globally our combined companies have approximately 24,500 employees, 205,000 advisor relationships, and thousands of distribution partners – all serving more than 30 million customer relationships across these regions.

Being a part of our organization means you have a voice. This is a place where your unique background, perspectives and talents are valued, and shape our future success.

You can be your best here. You are part of a diverse and inclusive workplace where your career and well-being are championed. You’ll have the opportunity to excel in your way, finding new and better ways to deliver exceptional customer and advisor experiences.

We are committed to providing an inclusive, accessible environment, where all employees and customers feel valued, respected and supported. We are dedicated to building a workforce that reflects the diversity of the communities in which we live, and to creating an environment where every employee  has the opportunity to  reach their potential.

It is our priority to remove barriers to provide equal access to employment. A Human Resources representative will work with applicants who request a reasonable accommodation during the application process. All information shared during the accommodation request process will be stored and used in a manner that is consistent with applicable laws and Canada Life policies. To request a reasonable accommodation in the application process, contact [email protected] .

We would like to thank all applicants, however only those who qualify for an interview will be contacted.