IT Security Operations Analyst
EDC is Canada's export credit agency, offering information, knowledge and innovative commercial solutions to help Canadian exporters and investors expand their international business. EDC's knowledge and partnerships are used by more than 9,000 Canadian companies and their global customers in up to 200 markets worldwide each year.
EDC is financially self-sustaining, and is a recognized leader in financial reporting and economic analysis.
As an IT Security Operations Analyst, you will join EDC's Security Operations Center (SOC), which provides EDC with a centralized and consolidated cybersecurity incident prevention, detection and response capability. The SOC team works closely with fellow EDC staff and Managed Security Service Providers (MSSPs) to perform monitoring, alerting and reporting functions, and also participates in IT security incident response and IT security analytics.
EDC is looking for a person with operating experience in a Security Operations Center at a Tier One level who wants an opportunity to grow and progress into the higher SOC tiers. EDC's Managed Security Service Provider (MSSP) will perform SOC Tier One functions, allowing the IT Security Operations Analyst to use EDC's advanced SOC tools, including a SIEM and log collection systems, to perform security incident response, analyze security data, effect required changes to EDC security systems, perform device management and report on security issues. The role will adhere to EDC's policies and practices, such as the IT security policy and EDC's vulnerability management practice. It also includes participation in an after-hours on-call rotation, overtime work and occasional non-standard shifts (after-hours and weekends).
- Act as first point of contact for SOC MSSPs for monitoring, alerting and reporting on malicious activities or activities of interest
- Triage alerts and activate the Security Incident Response (SIR) process during business hours or after hours, if on-call. Also participate in SIR testing
- Administer, operate and tune SOC tools including the SIEM and log collection system
- Maintain and improve processes, practices and measures for the SOC staff and MSSP
- Perform or initiate necessary changes to EDC systems, following approved change request processes
- Perform analytics or forensic investigations
- Generate reports and measures/metrics against industry benchmarks and EDC specific reporting requirements
- Run vulnerability scans on network and endpoint devices and be able to perform remediation activities upon detection of critical and high vulnerabilities
- Could make recommendations for improvements to SOC Standard Operating Procedures (SOP) or EDC security frameworks
- Undergraduate degree in Computer Science or Management Information Systems or in a related field
- Minimum 2 years of experience in IT security operations in a formal Security Operations Center
- Solid knowledge of IT security operations/support principles and practices
- Knowledge of IT and network operations
- Working experience with the following technologies:
  - Firewalls
  - Syslog Log Collection
  - Asset Discovery
  - Windows and Linux Operating Systems
- Knowledge of the following technologies:
  - Endpoint Protection including AV and Malware Detection
  - Email and Web Security Devices
  - Network Access Control
  - Switches, TAPS and Routers
  - IPS/IDS and DLP
- Industry-recognized IT certification
- Bilingual in both official languages (French and English)
- Government of Canada Security Clearance
- Previous experience working for an MSSP or a financial institution in an IT security-related role
- $62,000 - $92,000 + performance-based incentive (+ after-hours on-call rotation and work overtime and occasional non-standard shifts, as required)
How to apply
Only candidates selected for an interview will be contacted.
Application deadline: July 20, 2018, 11:59 p.m. EST on www.edc.ca/careers
EDC is committed to employment equity and actively encourages applications from women, Aboriginal people, persons with disabilities and visible minorities. If selected for an interview, please advise us if you require special accommodation.
Candidates must meet the requisite government security screening requirements.