Security Operations Analyst

How You’ll Contribute

• Security Infrastructure Management: Maintain and optimize the security infrastructure (Firewalls, IDS/IPS, AV, SIEM, FIM, servers, etc.) with a specific focus on maintaining Exabeam SIEM and CrowdStrike (managing EDR, FIM, and DLP modules).
• Cloud Security Operations: Execute AWS cloud security operations, monitoring specific services (e.g., GuardDuty, Security Hub, CloudTrail) to secure cloud workloads and respond to cloud-native threats.
• Incident Response: Monitor systems, software, and skills to stay ahead of emerging threats: Lead or participate in security investigations and Assist during Incident Response and Recovery activities.
• Data Pipeline Management: Manage and optimize security data pipelines using Cribl to ensure efficient log routing, parsing, and data reduction before ingestion.
• Infrastructure as Code (IaC): Utilize IaC principles (specifically Terraform) to deploy, maintain, and audit security configurations and infrastructure.
• Network Security: Perform firewall operational tasks as approved.
• Governance & Risk: Maintain and enforce KUBRA’s IT management control framework that defines the institution’s overall approach to IT risk and control.
• Incident Management: Participate in on-call rotation to respond, investigate and resolve Security Incidents.
• Alert Coordination: Track and action alerts to ensure proper response is taken by coordinating the work efforts of internal teams and actions required of external service providers.
• SIEM Optimization: Apply understanding of environment and operational issues to work with external or internal parties for implementation or optimization of specific Exabeam SIEM use cases to help improve detection and response.
• Threat Intelligence: Maintain the vulnerability security digest, monitor threat feeds, and provide regular threat intelligence updates.
• Access Reviews: Conduct access control reviews on a case-by-case basis to systems and work with internal and external resources to update user control lists and provide reports.
• Audit & Compliance: Assist in remediation tasks related to audits/penetration tests.
• Training & Testing: Participate in internal and external table-top exercises related to cybersecurity.
• Documentation: Assist in development of process and procedure documents for Security Operations.
• Policy Guidance: Evaluate and provide guidance to exemption requests as per corporate policy and standards, to advise of risk involved.

Strengths That Shine in This Role

• Ability to detail and effectively discriminate relevant logs / security events
• Ability to handle multiple tasks and projects concurrently
• Excellent written and verbal communication skills
• Ability to plan and manage complex security projects, and meet the deadlines
• Excellent organization, time management and problem-solving skills
• Ability to handle pressure under minimum or no direct supervision

Skills That Matter in This Role

• A minimum of 2 years of experience operating and working in a functional SOC environment.
• A minimum of 2 years of experience in a Security Operations role.
• 2+ years of experience in Incident Management and related processes.
• Exabeam: Proven experience operating Exabeam SIEM is required.
• CrowdStrike: Hands-on experience with CrowdStrike EDR, FIM (File Integrity Monitoring), and DLP (Data Loss Prevention) is required.
• AWS Security: Strong operational knowledge of AWS Cloud Security operations is required.
• Cribl: Experience with Cribl for log shaping and routing is highly desirable.
• Terraform: Knowledge of Terraform or other Infrastructure as Code (IaC) tools is considered a strong asset.
• Prior experience with IAM and SOAR platforms.
• Knowledge of PCI, SOC, SOX and other standards.
• Incident Handler certification (e.g., E|CIH, GCIH, IHRP, CSIH, CIHE) is required.
• Other relevant certifications that are considered an asset include MCSE, CCNA, CCNP, GCIH, GCIA, GCFE, GREM, GCFA, GSEC etc.
• Degree or equivalent Experience in Information Security.

Why You’ll Love Working Here

• Thrive in an award-winning culture that champions growth, embraces diversity, and fosters inclusion for all. See our awards →
• Enjoy generous benefit coverage with low premiums, plus a Healthcare Spending Account and Wellness Spending Account
• Invest in your future with RRSP matching
• Take time to recharge with paid vacation and sick days, and enjoy a paid day off for your birthday
• Make a difference with two paid volunteer days to support causes you care about
• Keep learning with free access to LinkedIn Learning and our education reimbursement program for continued development
• Feel appreciated through our employee recognition programs
• Support your mental health with a free premium Headspace membership
• Stay refreshed with unlimited access to fully stocked beverage stations
• Save more with exclusive Perkopolis retail discounts