The security operations team reviews and interprets alerts and system notifications and provides advanced security response, analysis and incident management against industry threats, vulnerabilities and other malicious activity, with continual review of business needs as well as industry best practices. Additionally, the security operations team is responsible for working with other Bell teams to build, implement, validate and evolve the security components of our customer solutions.
• Supervise the development and implementation of new technologies and services, including analysis of operational impacts, network management processes, training plans and management platform plans.
• Analyze the effectiveness of service and operational security processes and propose necessary adjustments
• Develop detailed documentation to support trend analysis, solution designs, operating guides and other deliverables
• Develop detection rules (SIEM), monitoring dashboards and playbooks to identify genuine threats, suspicious/anomalous activity, offensive tools and malware indicators.
• Participate in the deployment of security software update mechanisms and security packages across multiple business units.
• Support business units during deployments of security software update mechanisms or security packages
• Establish policies and guidelines for software deployments in varied environments
• Develop comprehensive and accurate oral and written reports, documentation and presentations for both technical and executive audiences
• Effectively communicate and collaborate with all teams, within the Security Operations Center (SOC) or outside the SOC
• University or college degree in Computer Science/Engineering or 5 to 10 years of equivalent experience in the cyber security domain.
• Proven experience in the design, implementation and troubleshooting of security solutions.
• Good understanding of network security platforms, OS security features and application protection systems.
• Good understanding of Security Information and Event Management (SIEM) concepts.
• Experience in the analysis of security events and cyber threats from the SIEM platform.
• Knowledge of Windows and Linux systems
• Good knowledge of a scripting language (such as Python or PowerShell)
• Excellent spoken and written communication skills.
• Professional security certification such as CCNP Security, CISSP, CCSE, GIAC certification, SIEM certification
• Working experience with Agile, Continuous Improvement and Lean.
• Experience or knowledge of threat hunting and/or malware analysis
• Understanding of the incident response process, risk assessment methodology and computer forensics
• Experience with security technologies such as SIEM, AV, firewall, etc.
• Solid knowledge of security and networking fundamentals.
• Hands-on experience with packet dissection, software reverse-engineering and offensive techniques.