129 Incident Response jobs in Canada

Security Operations Manager

Toronto, Ontario Allied Universal

Posted today

Job Description

Overview

We are North America's leading security and facility services provider with approximately 300,000 service personnel. At Allied Universal®, we pride ourselves on fostering a promote-from-within culture. There are countless examples of individuals who began their careers as Security Professionals and today hold positions on our senior leadership team. We offer medical, dental and vision coverage, life insurance, employee assistance programs, company discounts, perks and more for most full-time positions!

Start your phenomenal career with Allied Universal today!

Job Description

Security Operations Manager

Location: North York, ON (near Dufferin & Steeles)
Pay Rate: $33.00 / hr
Schedule: Full-Time - Monday through Friday 0800-1630 (30 min break not paid)

About the Role:

Allied Universal is currently hiring a Security Operations Manager for a high-security pharmaceutical facility in North York, ON. We are seeking a reliable, proactive, and experienced professional with strong leadership skills and a proven ability to manage teams in highly regulated environments. This role requires a minimum of two years of management experience in the pharmaceutical industry, healthcare, or a high-security setting.

The successful candidate will be responsible for leading a team of security professionals and ensuring compliance, operational excellence, staff development, and client satisfaction.

Site-Specific Vaccination Requirements (Pharmaceutical Vaccine Facility):

As a condition of assignment, proof of vaccination - including but not limited to Diphtheria, Pertussis, Tetanus, and Influenza - is required.

Additional vaccinations may be mandated in the future based on site requirements or changes to health and safety protocols.

Vaccinations are covered under provincial health plans. Allied Universal will reimburse any additional associated costs.

Key Responsibilities:

  • Provide direct supervision and leadership to all security staff on site.
  • Oversee day-to-day operations, ensuring compliance with all site-specific protocols and pharmaceutical regulations.
  • Maintain and enforce post orders, incident response procedures, and emergency and security protocols.
  • Conduct random inspections of all shifts and posts to ensure that all security staff are performing their duties according to established site and company procedures.
  • Interview and screen all new hires.
  • Conduct incident investigations and follow up with detailed, accurate reporting.
  • Act as a liaison between Allied Universal leadership and the site client to ensure excellent client service.
  • Lead performance reviews, coaching, and corrective action when required.
  • Complete weekly payroll review and submission, and coordinate scheduling and time-off requests for all site-assigned personnel.
  • Track and arrange coverage for all book-offs, vacation time, sick/personal requests, training, and special or additional coverage requests.
  • Ensure proper onboarding of new security personnel and facilitate ongoing site-specific training.
  • Provide after-hours and emergency support as needed, including responding to escalated incidents.
  • Support continuous improvement initiatives and encourage a culture of professionalism and accountability.
  • Communicate effectively with site staff, management, and Allied Universal leadership.
  • Facilitate smooth shift handovers and maintain continuity in operations.

Qualifications:

  • Minimum 2 years of progressive leadership experience in security operations, preferably in a regulated industry (e.g., pharmaceutical, healthcare, manufacturing, or corporate setting)
  • Experience managing large teams
  • People management, coaching, and conflict resolution skills
  • Proven leadership, interpersonal communication, and conflict resolution skills
  • Strong understanding of access control, CCTV systems, intrusion detection, and visitor management protocols
  • Proficient in security systems, reporting tools, Microsoft Office, scheduling systems, and incident management tools
  • Ability to produce clear, concise reports
  • Ability to multi-task in a high-pressure, fast-paced environment
  • Comfortable conducting foot patrols and working in varied indoor/outdoor conditions
  • High school diploma or GED (post-secondary education preferred)
  • Valid Ontario Security Guard License
  • CPR and Standard First Aid Level C Certification (or willingness to obtain; reimbursement provided)
  • Valid Ontario G-class driver's license with a clean abstract. Must be 25 years of age or older for company vehicle insurance eligibility. Must provide a copy of the abstract.
  • Legally eligible to work full-time in Canada

What We Offer:

  • Full-time employment with consistent scheduling
  • Competitive pay and benefits package (health & dental)
  • Paid training and professional development
  • Growth opportunities within Allied Universal's expanding team

Hiring Process:

All candidates must successfully complete a background screening, which includes:

  • Criminal background check for previous seven (7) years
  • Education (highest degree)
  • Employment (7 years / up to 3 employers)
  • Reference checks


Closing

Allied Universal® provides unparalleled service, systems and solutions to the people and businesses of our communities, and is North America's leading security services provider. Allied Universal delivers high-quality, tailored solutions, which allows clients to focus on their core business. For more information:

Requisition ID

2025-1403586


Security Operations Centre Operator

Toronto, Ontario Classet

Posted today

Job Description

Paladin Security is Hiring a Security Operations Centre Operator!

Paladin Security is hiring a skilled and detail-focused Security Operations Centre (SOC) Operator for our healthcare client, University Health Network – West Park. This critical role involves overseeing a hospital command centre, coordinating emergency response, and managing dispatch and access control systems.

Position Overview
  • Job Type: Full-Time (Temporary)
  • Location: Toronto, ON (UHN West Park – 170 Emmett Ave)
  • Shift: Continental rotation (0700–1900 / 1900–0700)
  • Pay: $23.98/hour
Key Responsibilities
  • Lead shift operations in the healthcare security command centre
  • Operate and monitor CCTV, access control, life safety, and fire panel systems
  • Coordinate deployment and movement of security staff across the facility
  • Handle emergency communications and make overhead announcements
  • Issue visitor and contractor badges, manage keys and Lost & Found
  • Train new team members and support with special projects

Requirements

Must-Have Qualifications
  • Valid Ontario Security Guard License
  • Valid First Aid & CPR Level C Certification (WSIB Approved)
  • Proof of full COVID-19 vaccination
  • Immunization Records for MMR, Varicella, and 2-Step TB Skin Test
  • At least 2 years of experience in a security role
  • Experience working in a healthcare security setting
  • Experience with dispatch, radio communications, or command centre operations
  • Strong written and verbal communication in English
  • Eligible to work in Canada
Nice-to-Have
  • Post-secondary education in Criminology, Border Services, or Police Foundations
  • Familiarity with access control and dispatch software
  • Prior experience leading teams or training new hires

Benefits

  • Medical, Dental, and Vision Insurance
  • Paid Vacation, Sick Days, and Holidays
  • Weekly pay and professional development opportunities
  • Supportive, inclusive work culture
  • Advancement within Paladin’s healthcare security programs


Security Operations Centre Operator

Toronto, Ontario UJA Federation of Greater Toronto

Posted today

Job Description

The Jewish Security Network (JSN) of Greater Toronto seeks to hire qualified and dedicated staff to run the Security Operations Centre (SOC). The successful candidates will play a vital role in ensuring the safety and protection of the Toronto Jewish community by supporting the operations of the 24/7 command centre, working within a dynamic team of support staff.

Reporting to the Manager, Security Operations Centre, SOC Operators will serve as the first point of contact for all incoming calls for support and field intelligence reports. Through monitoring a wide array of digital assets via centralized software and phone hotlines, SOC Operators will synthesize large amounts of critical information quickly, coordinate routine and emergency incident communications, and create comprehensive records of security-related incidents.


Responsibilities:

  • Operate the SOC on a shift-basis using sophisticated technology and supporting assets
  • Manage incidents as they arise, manage appropriate responses, and conduct detailed record keeping
  • Provide direct support to Jewish institutions, agencies, and/or personnel during emergencies
  • Tend to crises using a set of pre-determined protocols, working as part of the SOC and the larger JSN team
  • Coordinate with other internal and external security assets as needed
  • Attend regular meetings and trainings, and assist with peer-to-peer training sessions
  • Regularly conduct drills of the system, manage technical troubleshooting, and any other maintenance activities as assigned
  • Assist JSN with event security as needed
  • Work on a rotating shift schedule, including nights, weekends, and holidays, to ensure the SOC is operational 24/7

We are seeking someone who possesses the following skillset:

  • Strong interpersonal skills and customer-service experience
  • Clear operational mindset, with the ability to manage stress well and work efficiently under immense pressure required
  • Strong problem-solving skills and detail-oriented
  • Strong experience working with software and large technological assets, including as a back-end user
  • Exceptional computer skills, including the ability to type >50 words per minute in English
  • Fluent English speaker, reader, and writer required. Proficiency in Hebrew considered an asset
  • Strong working knowledge of Toronto's Jewish community and its institutions considered a major asset
  • Familiarity with situational awareness and other security strengths considered an asset
  • Geopolitical awareness, knowledge of relevant global events, and cultural sensitivity are required
  • A graduate of a Bachelor's Degree program or college equivalent considered a major asset
  • Availability to work regular shifts as assigned including on weekends, Jewish holidays, and evenings/overnight is required
  • Familiarity with Microsoft Suite considered an asset

How To Apply

This full-time, on-site position will pay a competitive salary. Successful applicants will be required to pass a police background check and must be permitted to work in Canada.


To apply for this position, please send your cover letter and resume to Additionally, please fill out this form:

Only applications submitted with cover letters, resumes, and a completed application form will be considered. Our sincere appreciation to all those expressing interest in this position, however, only those applicants invited for an interview will be contacted. No recruiters please.


JSN is an equal opportunity employer and is committed to creating an accessible and inclusive organization. We adhere to barrier-free and accessible employment practices in compliance with the Accessibility for Ontarians with Disabilities Act (AODA). Should you require Code-protected accommodation through any stage of the recruitment process, please notify us and we will work with you to meet your needs.


Security Operations Center Lead

Quebec, Quebec CyberClan

Posted today


Job Description

Company Overview:

CyberClan is a dynamic and rapidly growing organization committed to ensuring the security and integrity of our operations. We are seeking an experienced and proactive IT Security Manager to lead our security team and safeguard our assets, employees, and information.

Position Overview:

As the Security Operations Lead, you will be responsible for overseeing and managing all aspects of our security operations. This role requires a strategic thinker with a strong background in security management, risk assessment, and incident response. You will play a crucial role in developing and implementing security policies, procedures, and protocols to ensure the safety and security of our personnel, facilities, and information.


Principal Duties and Responsibilities:

  • Ensure clear strategies are in place for embedding operational security controls, aligned to relevant security policies and technical standards.
  • Manage a region of SOC analysts to deliver a 24x7x365 Security Operations Centre.
  • Develop and improve processes to strengthen current Security Operations.
  • Ensure daily tasking, quality assessment, training and development are maintained for the entire SOC region.
  • Lead staff to proactively identify, prevent, and respond to security incidents.
  • Ensure incident identification, assessment, quantification, reporting, communication, mitigation, and monitoring.
  • Produce and disseminate SOC management information, including preparation of reporting material for Senior Management review.
  • Provide clear, concise reporting around key KPIs to customers and internal teams.
  • Manage third parties to ensure they deliver effective SOC services.
  • Contribute to the design and development of defence and response strategies, knowledge base and playbooks.
  • Support the design, build, management and maintenance of security monitoring systems and infrastructure such as SIEM, IDS/IPS and cloud-based security platforms.
  • Create and maintain compliance reports, support the audit process, measure SOC performance metrics, and report on security operations to the Head of Security Operations and Director of GRC.
  • Support the monitoring of SIEM alerts effectively to minimize downtime and restore services.
  • Responsible for managing and configuring security monitoring tools.
  • Drive a learning and knowledge-sharing security culture.
  • Support the SOC team in researching global security events, issues and trends to produce security advisories for customers based on findings.


Generic Duties and Responsibilities:

  • Ensure an effective process of continuous improvement is in place.
  • Ensure compliance with relevant security policies, standards and regulations.
  • Identify requirements and drive improvements to SOC-related policies and standards.
  • Inspire and motivate a team of SOC Analysts that can add value to our customers and support the internal teams.
  • Accept, manage and update service requests and incidents to ensure contracted Service Level Agreements are met.
  • Guide, coach and mentor analysts who are providing the core SOC functions, including but not limited to alert triage, incident escalation and content creation.
  • Support Tier 2 Analysts.
  • Support the sales knowledge base and weekly meetings to ensure up-to-date knowledge of services is maintained.
  • Support customers for escalation purposes.
  • Continuously develop both the technical and personal skills required within the role and assist with the development of other staff.
  • Keep up to date on security developments and news.
  • Conduct cyber threat research and analysis for the purpose of improving the strength of network security.
  • Assist with defining, testing and operating new ways of working with new technology solutions or processes supplied to the SOC team.
  • Proactively support business KPIs.
  • Work with the CyberClan global team when responding to security incidents.
  • Understand and comply with all Information Security policies.
  • Understand and comply with all company policies.
  • Follow agreed security best practices and SOC processes.
  • Interact with strategic incident response and threat intelligence vendors.
  • Undertake other responsibilities, training and tasks as reasonably requested by line management.
  • Undertake periodic assurance reviews and produce associated reporting as required.
  • Participate in CyberClan internal security awareness initiatives and other training requests.
  • Other duties as assigned by the SOC Manager.


Qualifications:

  • Educated to GCSE level or equivalent
  • Cyber Security Qualification (CISSP, CCSP, Security+, AWS Security and GIAC certifications are an asset)
  • EDR/XDR (CrowdStrike, SentinelOne, MS Defender, Trend Vision One)
  • Networking experience, including IP addressing (VLAN, NAT, DNS, ACL)
  • Linux, Sysmon, and FOSS
  • ITIL Foundation


Skills, Knowledge and Experience:

  • Knowledge and experience of SOC tooling to identify threats.
  • Experience of collaboration tools
  • Keen analytical mind and approach
  • Proactively shares own expertise with others
  • Knowledge and experience of IT systems, networking and security threat landscape including:
  • Network fundamentals, for example OSI stack, TCP/IP, DNS, HTTPS, firewall logs, packet capture and analysis.
  • Cloud technologies (AWS, Google Cloud, Azure)
  • Active Directory, Group Policies, PowerShell
  • Endpoint protection applications (Antivirus, Web Filtering, ATP, Encryption)
  • IDS/IPS Systems
  • SIEM tools (such as Splunk)
  • SOAR is an added advantage
  • Knowledge of malware capabilities, attack vectors and impact.
  • Knowledge of the MITRE ATT&CK framework to understand threat actors and how to mitigate them.
  • Knowledge and experience in threat analysis.
  • Training or educating network users about security protocols.
  • Administration of network firewalls.
  • Troubleshooting and problem-solving skills.
  • Identification of security areas that can be improved, and the implementation of solutions to those areas.
  • Dependability and flexibility, being on-call or available outside of regular work hours.
  • Security Information and Event Management (SIEM).
  • TCP/IP, computer networking, routing and switching.
  • C, C++, C#, Java or PHP programming languages.
  • IDS/IPS, penetration and vulnerability testing.
  • Firewall and intrusion detection/prevention protocols.
  • Windows, UNIX and Linux operating systems.
  • Network protocols and packet analysis tools.
  • Anti-virus and anti-malware.
  • Various certifications including Security+, CEH, GIAC, CASP, CISSP.


Personal qualities:

  • Confident with customer interactions, including face-to-face, web-ex and internal conversations.
  • Excellent interpersonal skills sufficient to develop professional relationships and rapport amongst key stakeholders
  • Strong team player
  • Genuine enthusiasm and drive to work within cyber security.
  • Excellent customer service skills
  • Good written skills to write explanations of systems, regulations and or procedures.
  • Good verbal communication
  • Ability to identify and suggest continual improvement
  • Good analytical and problem-solving skills
  • Ability to adapt to organisational change
  • Proven ability to manage varied workload
  • Ability to work unsupervised and under pressure.
  • Ability to effectively prioritize and execute tasks in a high-pressure environment
  • A Self Starter with the ability to lead and drive change through an organisation.
  • CEH, CISSP, PMP, GCIH, GSCE, or related certifications.
  • Excellent communication and leadership skills.
  • Knowledge on vendor management.
  • Ability to handle high-pressure situations.
  • Analytical and problem-solving skills.


Location

Remote


% of Travel Required

0-10%


Physical Requirements

Prolonged periods of sitting at a desk and working on a computer.


CyberClan is an equal opportunity employer. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran, or disability status.

Seniority Level: Mid-Senior level
Industry: Computer and Network Security; Information Services
Employment Type: Full-time
Job Functions: Management
Skills: Security Operations, Cyber Threat Hunting (CTH), Risk Assessment, Incident Response, Information Security, Security Manage

Security Operations Center Lead

Brossard, Quebec CyberClan

Posted today


Security Operations Center Lead

Regina, Saskatchewan CyberClan

Posted today

Job Viewed

Tap Again To Close

Job Description

Company Overview:

CyberClan is a dynamic and rapidly growing organization committed to ensuring the security and integrity of our operations. We are seeking an experienced and proactive IT Security Manager to lead our security team and safeguard our assets, employees, and information.

Position Overview:

As the Security Operations Lead, you will be responsible for overseeing and managing all aspects of our security operations. This role requires a strategic thinker with a strong background in security management, risk assessment, and incident response. You will play a crucial role in developing and implementing security policies, procedures, and protocols to ensure the safety and security of our personnel, facilities, and information.


Principal Duties and Responsibilities:

  • Ensure clear strategies are in place for embedding operational security controls, aligned to relevant security policies and technical standards.
  • Manage a region of SOC analysts to deliver a 24x7x365 Security Operations Centre.
  • Develop and improve processes to strengthen the current Security Operations.
  • Ensure daily tasking, quality assessment, training and development are maintained for the entire SOC region.
  • Lead staff to proactively identify, prevent, and respond to security incidents.
  • Ensure incident identification, assessment, quantification, reporting, communication, mitigation, and monitoring.
  • Produce and disseminate SOC management information, including preparation of reporting material for Senior Management review.
  • Provide clear, concise reporting on key KPIs to customers and internal teams.
  • Manage third parties to ensure they deliver effective SOC services.
  • Contribute to the design and development of defence and response strategies, knowledge base and playbooks.
  • Support the design, build, management and maintenance of security monitoring systems and infrastructure such as SIEM, IDS/IPS and cloud-based security platforms.
  • Create and maintain compliance reports, support the audit process, measure SOC performance metrics, and report on security operations to the Head of Security Operations and Director of GRC.
  • Support the monitoring of SIEM alerts to minimise downtime and restore services.
  • Manage and configure security monitoring tools.
  • Drive a learning and knowledge-sharing security culture.
  • Support the SOC team in researching global security events, issues and trends to produce security advisories for customers based on findings.


Generic Duties and Responsibilities:

  • Ensure an effective process of continuous improvement is in place.
  • Ensure compliance with relevant security policies, standards and regulations.
  • Identify requirements and drive improvements to SOC-related policies and standards.
  • Inspire and motivate a team of SOC Analysts who add value to our customers and support the internal teams.
  • Accept, manage and update service requests and incidents to ensure contracted Service Level Agreements are met.
  • Guide, coach and mentor analysts who provide the core SOC functions, including but not limited to alert triage, incident escalation and content creation.
  • Support Tier 2 Analysts.
  • Support the sales knowledge base and weekly meetings to ensure up-to-date knowledge of services is maintained.
  • Support customers for escalation purposes.
  • Continuously develop the technical and personal skills required within the role and assist with the development of other staff.
  • Keep up to date on security developments and news.
  • Conduct cyber threat research and analysis to improve the strength of network security.
  • Assist with defining, testing and operating new ways of working with new technology solutions or processes supplied to the SOC team.
  • Proactively support business KPIs.
  • Work with the CyberClan global team when responding to security incidents.
  • Understand and comply with all Information Security policies.
  • Understand and comply with all company policies.
  • Follow agreed security best practices and SOC processes.
  • Interact with strategic incident response and threat intelligence vendors.
  • Undertake other responsibilities, training and tasks as reasonably requested by line management.
  • Undertake periodic assurance reviews and produce associated reporting as required.
  • Participate in CyberClan internal security awareness initiatives and other training requests.
  • Other duties as assigned by the SOC Manager.


Qualifications:

  • Educated to GCSE level or equivalent
  • Cyber Security Qualification (CISSP, CCSP, Security+, AWS Security, GIAC certifications are an asset)
  • EDR/XDR (CrowdStrike, SentinelOne, MS Defender, Trend Vision One)
  • Networking experience, including IP addressing (VLAN, NAT, DNS, ACL)
  • Linux, Sysmon, and FOSS
  • ITIL Foundation


Skills, Knowledge and Experience:

  • Knowledge and experience of SOC tooling to identify threats.
  • Experience of collaboration tools
  • Keen analytical mind and approach
  • Proactively shares own expertise with others
  • Knowledge and experience of IT systems, networking and the security threat landscape, including:
    • Network fundamentals, for example the OSI stack, TCP/IP, DNS, HTTPS, firewall logs, packet capture and analysis.
    • Cloud technologies (AWS, Google Cloud, Azure)
    • Active Directory, Group Policies, PowerShell
    • Endpoint protection applications (Antivirus, Web Filtering, ATP, Encryption)
    • IDS/IPS Systems
    • SIEM tools (such as Splunk)
    • SOAR is an added advantage
  • Knowledge of malware capabilities, attack vectors and impact.
  • Knowledge of the MITRE ATT&CK framework to understand threat actors and how to mitigate them.
  • Knowledge and experience in threat analysis.
  • Training or educating network users about security protocols.
  • Administration of network firewalls.
  • Troubleshooting and problem-solving skills.
  • Identification of security areas that can be improved, and the implementation of solutions to those areas.
  • Dependability and flexibility, being on-call or available outside of regular work hours.
  • Security Information and Event Management (SIEM).
  • TCP/IP, computer networking, routing and switching.
  • C, C++, C#, Java or PHP programming languages.
  • IDS/IPS, penetration and vulnerability testing.
  • Firewall and intrusion detection/prevention protocols.
  • Windows, UNIX and Linux operating systems.
  • Network protocols and packet analysis tools.
  • Anti-virus and anti-malware.
  • Various certifications including Security+, CEH, GIAC, CASP, CISSP.


Personal qualities:

  • Confident with customer interactions, including face-to-face, WebEx and internal conversations.
  • Excellent interpersonal skills sufficient to develop professional relationships and rapport amongst key stakeholders
  • Strong team player
  • Genuine enthusiasm and drive to work within cyber security.
  • Excellent customer service skills
  • Good written skills to write explanations of systems, regulations and/or procedures.
  • Good verbal communication
  • Ability to identify and suggest continual improvement
  • Good analytical and problem-solving skills
  • Ability to adapt to organisational change
  • Proven ability to manage varied workload
  • Ability to work unsupervised and under pressure.
  • Ability to effectively prioritize and execute tasks in a high-pressure environment
  • A self-starter with the ability to lead and drive change through an organisation.
  • CEH, CISSP, PMP, GCIH, GSCE, or related certifications.
  • Excellent communication and leadership skills.
  • Knowledge of vendor management.
  • Ability to handle high-pressure situations.
  • Analytical and problem-solving skills.


Location

Remote


% of Travel Required

0-10%


Physical Requirements

Prolonged periods of sitting at a desk and working on a computer.


CyberClan is an equal opportunity employer. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran, or disability status.

Seniority Level: Mid-Senior level
Industry: Computer and Network Security; Information Services
Employment Type: Full-time
Job Functions: Management
Skills: Security Operations, Cyber Threat Hunting (CTH), Risk Assessment, Incident Response, Information Security, Security Manage

Security Operations Center lead

Quebec, Quebec CyberClan

Posted today


Security Operations Center lead

Victoria, British Columbia CyberClan

Posted today


Security Operations Center lead

Kelowna, British Columbia CyberClan

Posted today

Job Viewed

Tap Again To Close

Job Description

Company Overview:

CyberClan is a dynamic and rapidly growing organization committed to ensuring the security and integrity of our operations. We are seeking an experienced and proactive IT Security Manager to lead our security team and safeguard our assets, employees, and information.

Position Overview:

As the Security Operations Lead, you will be responsible for overseeing and managing all aspects of our security operations. This role requires a strategic thinker with a strong background in security management, risk assessment, and incident response. You will play a crucial role in developing and implementing security policies, procedures, and protocols to ensure the safety and security of our personnel, facilities, and information.


Principal Duties and Responsibilities:

  • Ensuring clear strategies are in place for embedding operational security controls, aligned to relevant security policies and technical standards
  • Manage a region of SOC analysts to deliver a 24x7x365 Security Operations Centre;
  • Developing and improving processes to strengthen the current Security Operations;
  • Ensure daily tasking, quality assessment, training and development is maintained for entire SOC region.
  • Lead staff to proactively identify, prevent, and respond to security incidents;
  • Ensuring incident identification, assessment, quantification, reporting, communication, mitigation, and monitoring;
  • Producing and disseminating SOC management Information, including preparation of reporting material for Senior Management review;
  • Provide clear, concise reporting around key KPI’s to their customers and internal teams.
  • Manage 3rd Parties to ensure they deliver effective SOC services.
  • Contribute to the design and development of defence and respond strategies, knowledgebase and playbooks.
  • Support to design, build, manage and maintain security monitoring systems and infrastructure such as SIEM, IDS/IPS and cloud-based security platforms.
  • Create and maintain compliance reports, supports the audit process, measures SOC performance metrics, and reports on security operations to Head of Security Operations and Director of GRC.
  • Support the monitoring SIEM alerts effectively to minimize downtime and restore services.
  • Responsible for managing and configuring security monitoring tools.
  • Drive a learning and knowledge sharing security culture;
  • Support the SOC team research global security events, issues and trends to produce security advisories for customers based on findings.


Generic Duties and Responsibilities:

  • Ensuring an effective process of continuous improvement is in place
  • Ensuring compliance with relevant security policies, standards, compliance and regulation
  • Identifying requirements and driving improvements to SOC related policies and standards
  • Inspire and motivate a team of SOC Analysts that can add value to our customers and support the internal teams.
  • Accept, manage and update service requests and incidents to ensure contracted Service Level Agreements are met.
  • Guiding, coaching and mentoring analysts who are providing the core SOC functions, including but not limited to, alert triage, incident escalation, content creation etc.
  • Support Tier 2 Analysts
  • Support sales knowledge base and weekly meetings to ensure up to date knowledge of services is maintained.
  • Support customers for escalation purposes
  • To continuously develop both technical and personal skills required within role and assist with development of other staff.
  • Keep up to date on security developments and news
  • Conducting cyber threat research and analysis for purposes of improving the strength of network security.
  • Assist with defining, testing and operating new ways of working with new technology solutions or processes supplied to the SOC team.
  • Proactively support business KPIs.
  • Work with the CyberClan global team when responding to security incidents.
  • Understand and comply with all Information Security policies.
  • Understand and comply with all company policies.
  • Follow agreed security best practices and SOC processes
  • Interact with strategic incident response and threat intelligence vendors.
  • To undertake other responsibilities, training and tasks as reasonably requested by line management.
  • Undertake periodic assurance reviews and produce associated reporting as required.
  • Participate in CyberClan internal security awareness initiatives and other training requests
  • Other duties as assigned by the SOC Manager.


Qualifications:

  • Educated to GCSE level or equivalent
  • Cyber Security Qualification (CISSP, CCSP, Security+, AWS Security, GIAC certifications are an asset)
  • EDR/XDR (Crowdstrike, SentinelOne, MS Defender, Trend Vison One)
  • Networking experience, including IP addressing (VLAN, NAT, DNS, ACL)
  • Linux, Sysmon, and FOSS
  • ITIL Foundation


Skills, Knowledge and Experience:

  • Knowledge and experience of SOC tooling to identify threats.
  • Experience of collaboration tools
  • Keen analytical mind and approach
  • Proactively shares own expertise with others
  • Knowledge and experience of IT systems, networking and security threat landscape including:
  • Network fundamentals for example OSI stack, TCP/IP, DNS. HTTPS, firewall logs, packet capture and analysis.
  • Cloud technologies (AWS, Google Cloud, Azure)
  • Active Directory, Group Policies, PowerShell
  • Endpoint protection applications (Antivirus, Web Filtering, ATP, Encryption)
  • IDP/IPS Systems
  • SIEM tools (such as Splunk)
  • SOAR is an added advantage
  • Knowledge of malware capabilities, attack vectors and impact.
  • Knowledge of the MITRE ATT&CK framework to understand threat actors and how to mitigate them.
  • Knowledge and experience in threat analysis.
  • Training or educating network users about security protocols.
  • Administration of network firewalls.
  • Troubleshooting and problem-solving skills.
  • Identification of security areas that can be improved, and the implementation of solutions to those areas.
  • Dependability and flexibility, being on-call or available outside of regular work hours.
  • Security Information and Event Management (SIEM).
  • TCP/IP, computer networking, routing and switching.
  • C, C++, C#, Java or PHP programming languages.
  • IDS/IPS, penetration and vulnerability testing.
  • Firewall and intrusion detection/prevention protocols.
  • Windows, UNIX and Linux operating systems.
  • Network protocols and packet analysis tools.
  • Anti-virus and anti-malware.
  • Various certifications including Security+, CEH, GIAC, CASP, CISSP.


Personal qualities:

  • Confident with customer interactions, including face-to-face, web-ex and internal conversations.
  • Excellent interpersonal skills sufficient to develop professional relationships and rapport amongst key stakeholders
  • Strong team player
  • Genuine enthusiasm and drive to work within cyber security.
  • Excellent customer service skills
  • Good written skills to write explanations of systems, regulations and or procedures.
  • Good verbal communication
  • Ability to identify and suggest continual improvement
  • Good analytical and problem-solving skills
  • Ability to adapt to organisational change
  • Proven ability to manage varied workload
  • Ability to work unsupervised and under pressure.
  • Ability to effectively prioritize and execute tasks in a high-pressure environment
  • A Self Starter with the ability to lead and drive change through an organisation.
  • CEH, CISSP, PMP, GCIH, GSCE, or related certifications.
  • Excellent communication and leadership skills.
  • Knowledge on vendor management.
  • Ability to handle high-pressure situations.
  • Analytical and problem-solving skills.


Location

Remote


% of Travel Required

0-10%


Physical Requirements

Prolonged periods of sitting at a desk and working on a computer.


CyberClan is an equal opportunity employer. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran, or disability status.

  • Seniority Level: Mid-Senior level
  • Industry: Computer and Network Security; Information Services
  • Employment Type: Full-time
  • Job Functions: Management
  • Skills: Security Operations; Cyber Threat Hunting (CTH); Risk Assessment; Incident Response; Information Security; Security Manage