Security Operations Center Analyst
We’re looking for a curious, passionate and committed person that enjoys teamwork and collaboration to join our Security Operations Center as an Analyst. Are you the one?
Who we are:
Bulletproof is a premier technology company founded in Atlantic Canada and driven by innovative, empowered and creative teamwork. More than 70,000 users on 6 continents trust us to keep their networks, data and identities safe.
Our Security Operations Center protects our clients 24 hours a day by providing extensive Cyber Security Services, including best-in-class technology offerings.
It is an exciting time to join the Bulletproof team! As part of the GLI family of companies, we provide our employees the opportunity to be part of a global company within an exciting industry.
What we offer:
You will find a relaxed and collaborative work atmosphere at the Bulletproof SOC, with flexibility to accommodate your individual needs. We pride ourselves on having an inclusive company culture that fosters innovation and growth through diversity and equality.
We’ll help you grow with a strategy that will support you every step of the way. First, we’ll give you access to the training courses you need to become the expert you want to be. Then, you’ll learn directly from experts in the field (our team leads love to mentor). When you’re ready, we’ll give you the opportunity to work in many different areas within the SOC, to figure out what really excites you.
For this position, we offer a market-competitive salary, 2 weeks of paid vacation, a private pension plan with company match and health insurance.
This position manages and monitors cybersecurity events and performs incident response and security analysis. Candidates will possess strong technical analytical skills and provide accurate analysis of security-related problems. They have a well-rounded networking background and are responsible for performing extensive troubleshooting of issues in the SOC. The individual is user focused and works to resolve user needs in a timely manner. These needs involve resolving hardware/software failures, investigating and responding to security threats, and making change requests to the security policy of devices.
Who you are:
- Proficient in oral and written communication.
- Sensitive to clients’ needs; able to develop warm client relationships.
- Take initiative and produce results.
- Collaborate effectively with a talented team.
- Suggest and carry out practical actions to deal with issues.
- Perform the detailed and repeatable execution of all operational tasks as documented in SOC processes and subordinate procedures.
- Monitor the SOC tools for security events.
- Close or escalate security events as necessary.
- Update all relevant documentation, such as shift logs, tickets and procedures.
- Identify the impact of incidents on systems and, using available tools, determine if data was exfiltrated.
- Document and maintain a knowledge base of alarms (false positives and false negatives, blacklists, whitelists) that IDS and IPS encounter.
- Serve as work area expert for security/information assurance policy recommendations.
- Gather intelligence from sources outside the SOC (both internal and external sources) and leverage for operations.
- Escalate incidents to applicable Bulletproof entities and/or Bulletproof customers for remediation.
- Build relationships with other Bulletproof operations units to strengthen customer security posture.
- Ensure security events and incidents are detected and escalated in a timely manner.
- Provide analysis and investigation to determine if alerts or security events warrant incident classification.
- Track incidents through to final resolution.
- Perform incident triage to include determining scope, urgency, and potential impact.
- Drive the Information Fusion Procedure where various data inputs are gathered, analyzed and presented in a meaningful, actionable manner.
- Responsible for long-term analysis and investigation into our customers’ network activity, and the creation of custom logic to detect unique or previously undetectable attacks on our customers’ information assets.
Knowledge of:
- Cyber threats and vulnerabilities.
- Cybersecurity and privacy principles, best practices and frameworks such as NIST, PCI and HIPAA.
- Cybersecurity technologies such as Firewalls, IDS, IPS, SIEM and other detection tools.
- Cyber-attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).
- Vulnerability information dissemination sources (e.g., alerts, advisories, errata, and bulletins).
- How to use network investigation tools to identify vulnerabilities.
- Encryption methodologies.
- Computer networking concepts and protocols.
- Cybersecurity incident response and handling.
- Operating systems.
- Network attacks and a network attack’s relationship to both threats and vulnerabilities.
- Network tools (e.g., ping, traceroute, nslookup).
- Different types of network architectures (e.g., LAN, WAN, MAN, WLAN, WWAN).
- OSI model and underlying network protocols (e.g., TCP/IP).
- Packet-level investigation using appropriate tools (e.g., Wireshark, tcpdump).
- Network protocols such as TCP/IP, DHCP, HTTP, FTP, NTP and DNS.
Qualifications:
- Bachelor’s degree in Computer Science or equivalent experience relevant to network security, with relevant industry certifications.
- 2-4 years of related experience in a network support and/or network operations role, or any combination of education and experience that would provide an equivalent background.
- Background in networking or security to include intrusion detection/prevention.
- Excellent written and verbal communication and organizational skills.
- Knowledge and experience with user devices, LAN topologies, network equipment, and server operating systems, in an enterprise environment.
- Knowledge of security applications such as IDS, IPS, SEM, SIEM and anomaly detection tools.
- Knowledge of trouble ticketing systems or CRM systems.
- Understanding of the operation of test and analysis equipment such as protocol analyzers, LAN/WAN Sniffers, etc.
- Ability to read and interpret network diagrams.
- Ability to read and understand packet captures.
- Basic understanding of the OSI model.
- Strong interpersonal and user service skills.
- Knowledge of Unix and Windows operating systems.
- Experience with processes in the functional area (i.e., trouble management, fault management and incident management).
- Understanding of network management concepts and software, including SNMP (preferred but not required).
- Security+, SSCP and other technical security certifications (e.g., Information Systems Security Architecture Professional, Information Security Engineering Professional, Certification and Accreditation Professional, or equivalent certifications).
Bulletproof is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. Bulletproof is also committed to compliance with all fair employment practices regarding citizenship and immigration status.
SOUND LIKE A FIT FOR YOU?