We are currently seeking a Senior Cyber Security Analyst to join our team for a temporary 18-month contract.
The Senior Cyber Security Analyst is responsible for Level 2 and Level 3 SOC operations and assists peers, business stakeholders and executives in identifying risks that may impact Tru Cooperative Bank. The role actively promotes the integration of cyber security into most aspects of IT and the business. The role also ensures that Cyber Security operations are following regulatory and industry best practices and mitigating threats and risks to systems. The role provides senior level guidance to the Cyber Security Analyst role.
Here’s what would be included as a part of your typical day
- Security & Incident Response: Provides Level 2/3 SOC triage and investigations on escalated security incidents to identify root cause and mitigate control gaps. Escalates and leads major cyber security incident response. Provides oversight and backup to the Level 1 SOC operations. Included in on-call rotations and assists other team members with after-hours incident response and resolution if required.
- Project Management: Assists with the design, management and execution of cross-organization project plans that involve the cyber security team. Collaborates with project work stream leads to ensure cyber and information technology security risks are identified, raised, and prioritized. Identifies and closes information and cyber security gaps within project plans by proactively pursuing details from key stakeholders.
- Risk Management: Assists in monitoring Tru Cooperative Bank’s networks for security breaches and/or incidents and investigates any violations. Prepares reports that document security incidents and control gaps. Supports external consultant engagements in support of Cyber Security initiatives.
- Cyber Security Systems: Senior level advisor to the standard and advanced configurations of security systems and controls. Assists in the implementation of configuration changes where required. Senior level interface to security vendor relationships.
- Management Support: Provides management support in the creation of management and executive reporting products. Assists in the creation and maintenance of Cyber Security strategies where required.
- Situational Awareness: Maintains up-to-date detailed knowledge of the information security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.
Required Skills, Experience & Qualifications
- Bachelor’s Degree in Technology or a related field preferred or a combination of education and experience
- CISSP or CISM an asset
- 5 years information/cyber security related work experience required
- 5 years information technology related work experience required
- Experience in an OSFI regulated environment an asset
- Proven ability to communicate effectively, both verbally and in writing, with a wide variety of people
- Demonstrated ability to work independently or as part of a collaborative team
- Demonstrated time management, organizational and prioritization skills
- Strong working experience with deploying and securing Cloud deployments including PaaS, IaaS and SaaS – Microsoft Azure an asset
- Strong experience with Cyber Security incident handling and SOC operations
- Working understanding of the following control and program frameworks: NIST Cyber Security Framework, OWASP Top 10, and CIS Critical Security Controls
- Strong working technical knowledge of log management platforms including Syslog and at least one enterprise class SIEM – MS Azure Sentinel an asset
- Strong understanding of IP, TCP/IP, and other common network protocols
- Experience with two or more scripting languages including Python and PowerShell
- Displays an understanding of risk and risk ownership by being able to demonstrate adherence to policies and procedures.