Security Operations Consultant - Telus Health Cybersecurity

Description
We live in and work in a rapidly evolving digital world where cyber security is critical. Protecting information and ensuring the reliability of network and services is paramount. The TELUS Health CSO team strives to always be steps ahead, tackling the toughest cyber security challenges head-on with top talent and cutting-edge technology.
The TELUS Health CSO team is committed to providing excellence in securing our internal and customers’ data and systems, ensuring world-class reliability of security networks and systems, and improving our overall cyber security posture. We manage our cyber risks and provide industry-leading cyber governance, assurance and oversight to secure our data.
We partner with industry leaders to meet the cyber security needs of both TELUS Health and our customers to meet the demands of an increasingly complex and ever-changing cyber security landscape. We are passionate about learning and growing as individuals and as a team, all of which enables us to thrive in a dynamic, fast-paced environment.
Here's the impact you'll make and what we’ll accomplish together
As a Cyber Security Consultant, you’ll be keeping TELUS Health safe and protected by establishing, operating and maintaining security controls and processes, conducting security investigations and incident response. You’ll be part of a global team operating across multiple time zones supporting our clients across all TELUS Health services, solutions, and SaaS products.
What You’ll Do
The role of the security analyst can span all areas of security operations, and interface with security architecture, offensive security, cloud platforms and DevSecOps. The analyst is not expected to perform all of the below, but to have a broad understanding and expertise to operate across a number of the noted areas of security.
Security operation - Vulnerability Management

• Manage and implement various types of scanning (SAST, DAST, SCA,IAST, RASP) in TELUS Health CI/CD pipelines and ensure results are appropriately surfaced working collaboratively with developers
• Implement and support host-based web-specific security solutions to secure web hosting environments
• Implement, administer, and support web application and infrastructure vulnerability scanning tools working with vendors as required
• Security assessments through code reviews, automation and security architecture audits
• Work directly with application and system owners to perform web application and infrastructure vulnerability scans, including performing pre-scan risk assessments to determine suitability for same
• Gather and document service and product information from application and system owners to assist in threat risk analysis

Security operation - Threat management

• Report on vulnerabilities found in web applications and infrastructure for system owners and administrators, providing recommendations for mitigation. Work with the support teams to prioritize remediation to align with security SLAs
• Monitor and research external threat intelligence and vulnerability feeds to identify new risks directly applicable to applications and application platforms in use by TELUS Health
• Notify designated product managers of new or suspected critical or high risk vulnerabilities in enterprise systems

Security operation - Threat prevention

• Manage the policy and implementation for threat prevention tooling spanning at least 3 of the following; endpoint security, network security, identity and access, application security and data security
• Manage the policy and playbooks interfacing with managed security prevention services spanning EDR, NDR, and MDR
• Manage and configure web application firewalls working with product development teams to define protection rules to mitigate identified vulnerabilities
• Configure and manage Advanced Threat Protection modules within the TELUS Health Unified Threat Management security devices

Security monitoring and Incident Response

• Work with offensive testing leads and managed security service providers to perform threat hunting activities
• Act as a security incident response responder in support of cyber incidents
• Monitor security events within SIEM, driving the investigation, escalation and triage of incidents

CSO Security engineering

• Contribute to the creation and maintenance of security training
• Define and implement tools and processes to drive enhanced threat management, vulnerability management, threat prevention, security monitoring and incident response
• Manage, develop, maintain, and keep secure the Cybersecurity internal communications web platform
• Define and implement SIEM and SOAR requirements including onboarding log sources, development of manual and automated alerting and playbooks

Product Security engineering - in partnership with architecture, cloud security and DevSecOps

• Consult with users to determine their cybersecurity needs, analyze and review existing security solutions features and requirements
• Implement security control automation and checkpoints to detect and prevent security issues early in cycle
• Design tooling and frameworks to make adoption of security best practices easier for developers when working in our code bases

Product Security design - in partnership with security architecture and offensive security

• Work with engineering and product teams in the design phase of products and features, conducting threat modeling and security architecture, design

Qualifications
What you bring

• Leading security certifications such as CISSP, CISM, CEH, GCIH/ECIH etc
• Experience in the creation and update of incident response, playbooks, runbooks
• Proven experience in the application security domain with secure OWASP development practices, automating application security testing tools and secure DevSecOps practices
• Experience with SIEM tools such as Splunk and QRadar and SOAR tools
• A natural detective-like curiosity about all things cybersecurity and security technology
• Mandatory requirement to obtain Government of Canada secret level clearance
• Enjoy team collaboration and information sharing
• An insatiable appetite for new and emerging security technologies
• Knowledge of penetration testing techniques and procedures with industry standard toolsets
• Ability to multi-task and manage competing priorities using sound judgment
• Experience managing Data Loss Prevention technologies
• Experience with Cloud based security tools (CSPM, CWPP)
• Demonstrate an in-depth knowledge of a broad range of hardware and software products and SDLC concepts & tools such as DevSecOps, Ansible, Jenkins, Github, etc
• Experience managing alerts from EDR/MDR endpoint protection
• Basic understanding of CI/CD pipelines

Nice to haves

• Hands on Threat modeling, security risk assessment experience is a plus
• Experience working on a fast paced security team supporting product/engineering functions, cloud infrastructure, and corporate infrastructure development
• Bilingual: English and French an asset
• College diploma or university degree in Computer Science or related field