About Us:
ETS is a leading IT consulting company in Winnipeg and part of the Exchange Income Corporation's family of companies. We provide a wide range of services, including Managed IT, Project Management, Business Intelligence, Cyber Security, Digital Transformation, Training Services, Installation Services, and Telecommunications across Canada and the US. If you are looking for a fast-paced career, serving enterprise customers and managing diverse IT projects, we invite you to join us.
Our work environment is dynamic, filled with learning opportunities, exciting and challenging projects, and a chance to make a positive impact on clients’ businesses. We value teamwork, fun, and achieving amazing results together.
Job Overview:
As a Senior SOC Analyst, you will be responsible for carrying out cybersecurity initiatives, ensuring the security monitoring of organizational networks, and working with innovative and trustworthy partners to mitigate threats. This role involves continuous monitoring of security systems, incident response, and proactive threat research to safeguard digital assets.
Key Responsibilities:
- Review and monitor the network’s security and respond to security alerts while performing initial triage and providing alerts to team members when necessary.
- Perform threat hunting on SIEM and other systems.
- Daily monitoring and response of DLP, IPS, SIEM, Firewall and Antivirus exceptions & alerts.
- Incident management, response, and reporting.
- Daily monitoring and response to email security alerts and requests.
- Assist with developing processes and procedures to improve incident response times, analysis of incidents, and overall SOC functions.
- Strong knowledge and understanding of information risk concepts and principles as a means of relating business needs to security controls.
- Document all activities during an incident and provide leadership with status updates during the life cycle of the incident. Investigate and perform analysis of Indicators of Compromise.
- Conduct proactive threat research.
- Stay up to date on industry and job-related trends and best practices, including reading relevant publications, articles, blogs, etc.
- Ability to decide potential impact and whether escalation and reporting are required.
- Detailed documentation and reporting of shift activities for review by the following shifts and leadership.
- Support the maintenance of the ISMS (Information Security Management System) by strictly following the corporate policies and providing supporting evidence to audits whenever required.
Qualifications:
Education, Licenses, Certification, and Experience Required:
- 5 years of experience in managed security services, SOC, and Incident response.
- Technical customer support experience is a bonus.
- Proficiency in the use of SOC technologies such as SIEM and/or SOAR
- Able to create SIEM queries and execute threat hunting
- Able to create alerts based on defined conditions.
- Scripting knowledge is a plus
- Certifications considered an asset:
  - CompTIA Security+
  - CompTIA CySA+
  - SIEM or SOAR Certifications
  - Mail Security Certifications
  - Firewall Certifications
- Experience managing Mail Protection Solutions.
- Experience managing Endpoint Detection and Response Solutions.
- Understanding of threat vectors and threat intelligence
- Understanding of layered security at application, OS, and network layers
- Understanding of cloud and network concepts, protocols, services, and technologies
- Experienced with data analysis, visualization, and reporting tools.
- Incident handling/response experience.
Knowledge, Skills, and Abilities Required:
- Familiar with Security Risk Assessment and Management
- Familiar with ITIL and have experience with ITSM platforms.
- Experience with packet analysis and packet capture tools.
- Demonstrated knowledge of networking (TCP/IP, topology, and security), operating systems (Windows/UNIX), and web technologies (IIS, Apache).
- Exchange and Office 365 experience, including message trace, header analysis and ATP.
- Experience with Malware Analysis and Reverse Engineering.
- Investigations and remediation.
- Knowledge of trouble isolation, log analysis, data and event correlation and analysis.
- Prior experience in creating and maintaining operational reports for Metrics.
Working Conditions:
- Must be able to obtain and maintain a clear criminal record check
- Physically able to perform all listed job duties
- Modified Work Agreement 10-hour shifts.
What We Offer:
- Competitive salary and benefits package.
- Registered Retirement Savings Plan with Company Matching
- Employee Share Purchase Plan
- Subsidized Gym Membership
- Subsidized Phone Plan
- Opportunities for professional development and career growth.
- Collaborative and innovative work environment.