Senior Incident Response Analyst Jobs

Experience with post-traumatic intervention, suicide and crisis intervention, and management coaching

Strong communication and team management skills

The ability to manage competing priorities in a fast-changing environment

A comprehensive benefits plan for our part-time (21+ hrs) and full-time employees

Managing a team of 5 trauma counsellors

Overseeing the quality of the 24/7 services provided to our clients

Demonstrated skill in developing and presenting on cyber risk concepts to non-technical audiences, including project and product managers and non-technical leadership.

Experience defending heterogenous enterprise environments. Red teaming or other offence-oriented experience a plus.

Previous experience with a major cloud platform, such as AWS or Azure.

Outstanding written and verbal communication skills.

Establish and maintain relationships with suppliers and business partners in the information security industry.

Educate, coach, and mentor a team on technical, interpersonal, and team dynamics, company policy & procedures, and other topics.

Excellent critical thinking skills with the experience to diagnose and troubleshoot technical issues

5+ years of incident response or digital forensics experience.

Knowledge of TCP/IP Protocols, network assessment and network/security applications, including log and network traffic capture assessment.

Experience with Velociraptor, Axiom, FTK, SIFT, Volatility, ELK, WireShark, Plaso, Skadi or other open source forensic/log analysis/network assessment tools.

Experience with EDR tools like CrowdStrike Falcon, Carbon Black, Sentinel One, etc.

Knowledge of industry standard frameworks – NIST, HIPAA, PCI.

Experience with Incident Management systems (e.g., ServiceNow, Jira)

Two or more years of direct experience in Security Incident Response, including some of: threat management, vulnerability assessment, monitoring and investigations

Experience with problem, incident and change management response

Prepare incident response reports and documentation for management and stakeholders.

Are you skilled in incident response and eager to contribute to a dynamic and rapidly evolving field?

Minimum of two years’ experience working in Security Operations Centre

Knowledge of common classes of vulnerabilities (ie. SQLi, XSS, overflows, etc).

Experience investigating vulnerability reports and/or reporting vulnerabilities.

Investigate reports of potential vulnerabilities in BlackBerry products.

Assess the impact vulnerabilities on BlackBerry products.

Knowledge of secure coding practices.

Knowledge of Windows, Linux and/or Mac operating systems.

Conduct in-depth analysis of security incidents, root cause analysis, and post-incident reviews. Prepare comprehensive incident reports for management

Stay up-to-date with the latest cyber threats and vulnerabilities, and implement proactive measures to enhance the organization's security posture.

Continuously enhance incident response procedures and policies to strengthen the incident response capabilities of the organization.

Bachelor's Degree in Computer Science, Cybersecurity, Information Technology, or a related field. Relevant certifications (e.g., CISSP, CISM, GIAC) are a plus.

Demonstrated experience in leading teams

In-depth knowledge of incident response methodologies, tools, and best practices.

Manage the administrative requirements as dictated by TELUS Health Trauma department.

Minimum 3 years post-graduate counselling experience;

CISM, CISD training or EMDR certification is an asset;

Experience delivering group debriefing and/or running counselling groups;

Provide Critical Incident Response to our organizational clients;

Work/travel to an on-site location;

Knowledge of security technologies, such as, firewalls, IDS/IPS, AV, SIEM, DLP, Vulnerability Management, Web and Email Content Filtering.

This role is fully remote, offers a generous base salary & bonus plus excellent benefits.

SANS training / GIAC certifications / Offensive Security OSCP or equivalent /w enterprise mature security experience

Complete open source threat collection and analysis activities identifying indications of cyber threats, malicious code, malicious websites, and vulnerabilities.

Experience in analyzing malware, hacking tools, and threat actor tactics.

Senior Cyber Threat Analyst - Incident Response | 100% remote

Outstanding technical skills, knowledge of network protocols and network communication principles, understanding of vulnerabilities and remediation techniques

Defining and maintaining Information Security Incident Management Process and build procedure documents for incidents handling

SIEM, Log Management, Network Security & Monitoring

Managing, maintaining and improving Incident Response capabilities to detect, proactively hunt for and respond to sophisticated cyberattacks

Outstanding knowledge in the following Cybersecurity domains:

Excellent problems solving skills, ability to coordinate with different local and global teams

Stay up to date with current adversary tactics and apply this knowledge to internal operational countermeasures.

Utilizing proven Incident Response skills including host/network forensics, log analysis, timeline correlation;

Conduct monitoring, and in some cases lead in-depth analysis of Security Operations Center (SOC) oriented alerts.

Update and maintain a repository of self created security alerting rules.

Brief peers and above on current Threat Response themes derived from the SOC.

Participate, and in some cases lead long term security operation projects with peers.

Completion of, or working towards, a recognized management certification.

Superior analytical and problem-solving skills with the ability to manage and prioritize a busy workload and multiple projects / initiatives.

Experience in the insurance/finance industry is considered an asset.

Lead, manage, and motivate a team of professionals to ensure success of the Security Operations & Incident Response functions.

Ensure identification and drive the end-to-end remediation of discovered or potential security vulnerabilities and mature operational security processes and procedures.

Post-secondary degree or equivalent experience.

You can demonstrate experience in- incident management and incident response in cybersecurity, fraud, or physical security including management roles.

You're an exceptional problem solver- You creatively develop unique approaches and solutions that are necessary to address complex problems.

Values matter to you. You bring your real self to work and you live our values - trust, teamwork, and accountability.

What You Need To Know

Experiences And Skills You’ll Use To Solve

Stay up to date with current adversary tactics and apply this knowledge to internal operational countermeasures

Demonstrating foundational knowledge in computer networking, operating systems (both Windows and Unix based operating systems), and virtualization (cloud and on-premise)

Working knowledge of MITRE ATT&CK and Cyber Kill Chain frameworks

Conduct monitoring, and perform in-depth analysis of Security Operations Center (SOC) oriented alerts

Help update and maintain a repository of self created security alerting rules