Tier-I Security Analyst
As a Security Analyst for the Security Operations Centre (SOC), you are a member of a team which manages IT security on behalf of customers to reduce the impact of security incidents and system compromises. This team provides security monitoring, event investigation and analysis, and countermeasure proposals. As part of the team responsible for the 24×7 Security Event Management Service, you will be responsible for the following items:
- Event Detection – Following an established, documented process for event detection including but not limited to:
  - Receipt of Security Alerts (and Operational Health Alerts from Security Devices) from monitored devices and associated technology
  - Acknowledgement of receipt of the event
  - Opening new service desk tickets, or updating existing tickets, in order to track event handling through its lifecycle to resolution and closure
  - Assignment of the event ticket to the appropriate owner
- Event Filtering – Follow the established process for identifying events that require filtering, and document and assign event filtering requests in the service desk ticket.
- Event Investigation – Follow an established process for the purposes of collecting relevant data and performing the necessary level of analysis on that data.
- Event Escalation – Follow an established process for transmitting event investigation data to the appropriate point of contact, whether that point of contact is an external client, or an internal resource. Report on recurring problems and issues discovered during the course of your duties.
- Event closure – Follow established process to ensure that resolution criteria are met before closing tickets.
- Manual Health Checks – Follow established and approved processes for performing scheduled health checks on applicable devices.
Must have demonstrated knowledge and experience with three or more of the following:
- UNIX, AIX & Solaris
- Windows Server Operating Systems
- Internet Connectivity and Protocols (TCP/IP)
- Wireless Networking
- Network architecture best practices
- Security Operations Centre/Information Protection Centre/Computer Incident Response Centre
- Enterprise Security Information Management systems
- VPN Communication Protocols
- Switches/Routers (basic configuration)
- Network/System Intrusion Detection or Prevention Systems
- Understanding of basic security concepts: Principle of Least Access, Compartmentalization etc.
- Firewall (configuration knowledge)
- Asset Management
- Security threat and attack countermeasures
- Ability to conduct in-depth forensic analytical studies and investigations
- Ability to earn the Security+ certification within 3 months of hiring, if not already completed
- Critical Thinking and Analytical skills
- Excellent written and verbal communication skills
- Strong troubleshooting and problem solving skills
- Team player with ability to work autonomously
- Ability to prioritize, and reprioritize work as required
How to Apply
If interested, please follow the application link and complete an application for the Tier 1 Security Analyst position.
About Herjavec Group:
Dynamic IT entrepreneur Robert Herjavec founded Herjavec Group in 2003, and it quickly became one of North America’s fastest-growing technology companies. Herjavec Group delivers managed security services globally supported by a state-of-the-art, PCI compliant Security Operations Centre (SOC), operated 24/7/365 by certified security professionals. This expertise is coupled with a leadership position across a wide range of functions including compliance, risk management & incident response. Herjavec Group has offices globally including three headquarters in Toronto (Canada), New York City (USA) and Reading (United Kingdom). The organization recently entered the Australian market and plans to establish a local presence there over the coming months.