March 10, 2017

Tier III – Security Analyst

Role Summary

A Tier III – Security Analyst is a technology specialist whose main focus is SIEM technologies. The role requires a detail-oriented professional to support the platform from technical and procedural standpoints, and reports to the technical manager for the team. The Tier III Security Analyst will interact with the dedicated SIEM specialist team and work as a team to support the SIEM platform.

The Tier III Analyst is responsible for working with the HG Team at multiple levels in order to identify and align business and IT objectives, discover security or operational pain points, offer recommendations, and recognize current and future IT security needs in the context of SIEM technologies.

Responsibilities 

  • Execute technical changes and client requests
  • Utilize tools and analytical skills to investigate and resolve the root cause of issues across the technologies
  • Document the investigation and provide solution recommendations
  • Schedule and run regular technical changes (i.e., signature updates, security patches, major/minor software upgrades)
  • Improve upon existing policies and configurations of client technologies 
  • Perform reviews related to sizing and capacity of technologies
  • Develop and enable reporting and alerting based on client’s requirements
  • Ensure the managed platform is performing in its optimal state
  • Ensure the completion of tasks and update tickets accordingly
  • Manage SIEM correlation rules to ensure appropriate mitigation of false positives/negatives and reporting
    • Provide overall guidance, instruction, and leadership to junior analysts
    • Provide mentorship and guidance to other SOC analysts regarding technologies
    • Provide guidance to Tier-I staff in performing security investigations
    • Engage in knowledge sharing with other analysts
  • Provide major component infrastructure support
  • Monitor the health of the managed technologies and respond to issues based on SLAs
  • Respond to critical failures and participate in or perform troubleshooting through to resolution
  • Open, follow up on, and work on tickets with third-party vendors and other team members
  • Maintain current knowledge on industry issues/trends and competitive products
  • Maintain and expand working knowledge of current managed technologies
  • Improve technical understanding of all managed technologies.
  • Communicate effectively orally and in writing, and establish a cooperative working relationship with persons contacted in the course of performing assigned duties.

Desired Skills and Experience 

  • College Diploma or University Degree in Information Security, or relevant up-to-date security certificates and/or equivalent work experience
  • Experience managing UNIX- and Windows-based interconnected solutions is desirable
  • Holds certifications of security or network technologies
  • Minimum 1 year of experience in the IT security field is a definite plus
  • Strong understanding of IT Security concepts, best practices, and market direction
  • Strong troubleshooting, reasoning and problem-solving skills
  • Experience with and understanding of basic computer networking involving VLAN, WAN, LAN, Routers, Switches, Access Points, Firewall, etc.
  • Excellent communications skills
  • Exceptional time management and organizational skills 
  • A positive, detail-oriented and constructive-minded team player
  • Ability to participate in rotating on-call assistance to the SOC
  • The following will be considered an asset:
    • Certifications or equivalent experience in RSA SA, SUMO, and Splunk
    • Certifications or equivalent experience in curriculum such as GSEC, Security+, CEH are a plus
    • Ability to conduct security investigations using logs

How to Apply

If you are interested in applying for this position, please click here: Tier III – Security Analyst

About Herjavec Group:

Dynamic IT entrepreneur Robert Herjavec founded Herjavec Group in 2003 to provide cybersecurity products and services to enterprise organizations. Herjavec Group delivers SOC 2 Type 2 certified managed security services supported by state-of-the-art, PCI-compliant Security Operations Centers, operated 24/7/365 by certified security professionals. This expertise is coupled with leadership positions across a wide range of functions including consulting, professional services and incident response. Herjavec Group has offices globally, including across Canada, the United States, and the United Kingdom. For more information, visit www.herjavecgroup.com