162 Incident Response jobs in Canada

Job Description

GlassHouse Systems (GHS) is an enterprise systems, and managed services solutions provider that develops, designs and deploys solutions for leading enterprises in Canada and the US. For almost 32 years, GHS has delivered an enterprise level of service and support to clients. Recognized with industry-leading awards each year, GHS translates this differentiation into positive client experiences.

This role requires an experienced security professional with technical expertise in incident handling, malware investigation and containment, and IR process improvement. In this role, you will be developing and updating IR playbook and runbooks, conducting IR investigations, and participating in IRDF and security governance projects.

· Create and update incident response playbooks and runbooks

· Develop and update incident response methodologies, procedures, and processes

· Develop, review, and maintain security policies and standards in alignment with industry best practices and regulatory frameworks

· Enhance existing IR practice and review of internal processes and activities to assist in identifying potential opportunities for improvement

· Lead and conduct incidents investigation, containment, and remediation

· Engage with clients and guide them on a broad range of technology throughout the incident lifecycle

· Perform root cause analysis for cyber incidents and breaches

· Conduct malware analysis and sandboxing

· Collaborate in forensics investigations

· Provide expert-level briefings to internal and external stakeholders during and after incidents

· Train team members to use and apply IR playbooks and runbooks

· Lead the planning, execution, and delivery of cybersecurity initiatives and projects

· Contribute to penetration test projects

· Manage and optimize security technologies such as SIEM, EDR, and SOAR

· Conduct proactive threat hunting activities using EDR/SIEM data

· Evaluate new threat vectors and support detection engineering teams to improve defenses

· Collaborate in maintaining and managing internal threat intel platforms to aggregate, enrich, and distribute threat intelligence data to internal teams and clients

· Contribute to cyber risk assessments and security awareness programs

· Contribute to phishing campaign simulations and monitoring their effectiveness

· Strong verbal communication skills and excellent technical writing skills

· Strong team player and enjoys working in a fast-paced team atmosphere

· Ability to manage multiple priorities, commitments and projects

· Ability to communicate complex ideas verbally and through documentation

· Must be able to grasp highly technical concepts quickly, develop content, and independently document features for target audiences

What you'll get:

Competitive salary

Health benefits (medical, vision, dental)

Life insurance

Pension plan

Professional development

Amazing company culture

Free parking

Gym on-site

Join a team of professionals led by a diverse set of leaders from across the industry.

GlassHouse Systems commitment:

We believe that a diverse team is the key to innovation and growth. We are an equal opportunity employer that values diversity at our company and encourages all candidates to apply. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

GlassHouse Systems will accommodate individuals with disabilities through each stage of the recruitment process. Please advise us of any needs when your interview is booked and we will do our best to meet your needs.

Please note that all candidates have to be legally eligible to work in Canada.

Any offer of employment will be conditional upon a criminal record check.

GlassHouse Systems thanks all candidates for their interest, however only those selected to continue in the process will be contacted.

· This position requires employees to work from the GHS Toronto office a minimum of three days per week

· 5+ years of experience in cybersecurity, focusing on incident investigation and response

· Proven experience in conducting incident investigation and response, including analysis, containment, and remediation

· Bachelor’s or higher degree in computer science, information technology, information security, computer forensics, or a related field

· Expertise in analyzing Windows, Linux, and macOS logs and incidents

· Familiar with at least one SIEM and one EDR solution (e.g., QRadar, Splunk, SecOps, CrowdStrike, Defender, etc.)

· Knowledge of common technologies and protocols, like SIEM, IAM, Unix scripting, TCP/IP, LDAP, HTTP, DNS, Radius, SSO, Active Directory, cloud computing, etc.

· Excellent (technical) verbal and written communication skills.

· Experience in analyzing security advisories, threat intelligence feeds and providing guidance on risk mitigation strategies

· Familiar with security frameworks like MITRE ATT&CK and ability to identify and analyze TTPs

· Experience with Malware analysis

· Ability to participate in after hours on-call shifts

· High ethical and professional standards

Nice to have :

· Expert knowledge of forensics tools such as Encase, Axiom, Autospy, OSForenscis, FTK imager or similar

· Relevant Certifications such as GIAC (GCIA, GPEN, GWAPT, GCIH, GSEC, GCFA), CISSP, CCSP, CEH, CHFI

· Experience in penetration test

· Experience with vulnerability management technologies, processes and procedures

· Experience in cyber risk assessment/management

· Familiarity with compliance frameworks (PCI-DSS, HIPAA, etc.)

Job Description

Position Title : Security Analyst

Location : Regina, SK

Overview :

Charter is currently seeking one (1) experienced Security Analyst to join our team starting October 2025. The ideal candidate will have 5+yrs of recent experience in cybersecurity and/or network security in an enterprise IT environment. Previous experience in incident response, detect, investigate, and mitigate security threats is required. Strong experience in network security and protocols (TCP/IP, VPN, firewalls, IDS/IPS) and utilizing security tools (i.e. SIEM: Sentinel, antivirus, vulnerability scanners). Experience in risk assessment, risk management, and implementing effective security solutions is an asset. Location: Regina, SK (Onsite). Term: 24 months. Strong possibility of extension.

Responsibilities :

• Manage and respond to security incident tickets via ServiceNow.
• Analyze the potential impact of new threats and communicate risks to relevant business units.
• Create and maintain security reports, i.e., Risk Management Decision Item (RMDI), incident reports, HR investigations, and lost/stolen reports.
• Perform root cause analysis of the incident and take prompt actions.
• Analyze cyber security incidents to solve issues and suggest improvement.
• Create detailed reports and documentation of all incidents and procedures to the stakeholders on a routine basis.
• Support the execution and monitor of phishing simulation exercises, including user targeting, response tracking, and reporting.
• Respond to and resolve Privilege Access Management (PAM) related activities and service requests within defined Service Level Agreements (SLAs).

Qualifications and Experience :

• Experience working in the IT sector within the cybersecurity or networking fields within the past five (5) years
• Experience in network security and protocols (TCP/IP, VPN, firewalls, IDS/IPS).
• Experience utilizing security tools and platforms (i.e., SIEM systems like Sentinel, antivirus, vulnerability scanners).
• Experience in operating systems and platforms (Windows, Linux).
• Experience in incident response, detect, investigate, and mitigate security threats.
• Experience in risk assessment and management techniques for evaluating risks and implementing effective security solutions.
• Experience in compliance and regulations, i.e., ISO 27001 and NIST security frameworks, privacy legislation, etc.
• Experience in scripting and automation (e.g. Python, PowerShell, Bash).
• Experience in penetration testing and ethical hacking is considered an asset.
• Education: Bachelor's Degree in a related field and active Networking/cybersecurity certifications (i.e., Network+, Security+, CISSP, CEH, GSEC) is considered an asset.
• Excellent communication (written and verbal) in English is required.
• Must be authorized to work in Canada.

Note : Must be legally eligible to work in Canada. Unfortunately, we are not able to sponsor candidates.

Our Company :

Charter is an award-winning Canadian IT Solutions and Managed Services Provider founded in 1997 in Victoria, BC, Canada. With offices nationwide, Charter offers innovative IT solutions, managed services, project delivery, and consulting. Our mission is to align people, processes, and technologies to enhance communication, boost performance, and modernize businesses. Using a business architecture methodology and human-centered design, we drive successful digital transformations, unlock new opportunities, and promote growth. We empower our clients to focus on core operations with our comprehensive support.

Let Charter drive your business outcomes Forward, Together.

Job Description

Position Title : Security Analyst

Location : Regina, SK

Overview :

Charter is currently seeking one (1) experienced Security Analyst to join our team starting October 2025. The ideal candidate will have 5+yrs of recent experience in cybersecurity and/or network security in an enterprise IT environment. Previous experience in incident response, detect, investigate, and mitigate security threats is required. Strong experience in network security and protocols (TCP/IP, VPN, firewalls, IDS/IPS) and utilizing security tools (i.e. SIEM: Sentinel, antivirus, vulnerability scanners). Experience in risk assessment, risk management, and implementing effective security solutions is an asset. Location: Regina, SK (Onsite). Term: 24 months. Strong possibility of extension.

Responsibilities :

• Manage and respond to security incident tickets via ServiceNow.
• Analyze the potential impact of new threats and communicate risks to relevant business units.
• Create and maintain security reports, i.e., Risk Management Decision Item (RMDI), incident reports, HR investigations, and lost/stolen reports.
• Perform root cause analysis of the incident and take prompt actions.
• Analyze cyber security incidents to solve issues and suggest improvement.
• Create detailed reports and documentation of all incidents and procedures to the stakeholders on a routine basis.
• Support the execution and monitor of phishing simulation exercises, including user targeting, response tracking, and reporting.
• Respond to and resolve Privilege Access Management (PAM) related activities and service requests within defined Service Level Agreements (SLAs).

Qualifications and Experience :

• Experience working in the IT sector within the cybersecurity or networking fields within the past five (5) years
• Experience in network security and protocols (TCP/IP, VPN, firewalls, IDS/IPS).
• Experience utilizing security tools and platforms (i.e., SIEM systems like Sentinel, antivirus, vulnerability scanners).
• Experience in operating systems and platforms (Windows, Linux).
• Experience in incident response, detect, investigate, and mitigate security threats.
• Experience in risk assessment and management techniques for evaluating risks and implementing effective security solutions.
• Experience in compliance and regulations, i.e., ISO 27001 and NIST security frameworks, privacy legislation, etc.
• Experience in scripting and automation (e.g. Python, PowerShell, Bash).
• Experience in penetration testing and ethical hacking is considered an asset.
• Education: Bachelor's Degree in a related field and active Networking/cybersecurity certifications (i.e., Network+, Security+, CISSP, CEH, GSEC) is considered an asset.
• Excellent communication (written and verbal) in English is required.
• Must be authorized to work in Canada.

Note : Must be legally eligible to work in Canada. Unfortunately, we are not able to sponsor candidates.

Our Company :

Charter is an award-winning Canadian IT Solutions and Managed Services Provider founded in 1997 in Victoria, BC, Canada. With offices nationwide, Charter offers innovative IT solutions, managed services, project delivery, and consulting. Our mission is to align people, processes, and technologies to enhance communication, boost performance, and modernize businesses. Using a business architecture methodology and human-centered design, we drive successful digital transformations, unlock new opportunities, and promote growth. We empower our clients to focus on core operations with our comprehensive support.

Let Charter drive your business outcomes Forward, Together.

Job Description

Position Title : Security Analyst

Location : Regina, SK

Overview :

Charter is currently seeking one (1) experienced Security Analyst to join our team starting October 2025. The ideal candidate will have 5+yrs of recent experience in cybersecurity and/or network security in an enterprise IT environment. Previous experience in incident response, detect, investigate, and mitigate security threats is required. Strong experience in network security and protocols (TCP/IP, VPN, firewalls, IDS/IPS) and utilizing security tools (i.e. SIEM: Sentinel, antivirus, vulnerability scanners). Experience in risk assessment, risk management, and implementing effective security solutions is an asset. Location: Regina, SK (Onsite). Term: 24 months. Strong possibility of extension.

Responsibilities :

• Manage and respond to security incident tickets via ServiceNow.
• Analyze the potential impact of new threats and communicate risks to relevant business units.
• Create and maintain security reports, i.e., Risk Management Decision Item (RMDI), incident reports, HR investigations, and lost/stolen reports.
• Perform root cause analysis of the incident and take prompt actions.
• Analyze cyber security incidents to solve issues and suggest improvement.
• Create detailed reports and documentation of all incidents and procedures to the stakeholders on a routine basis.
• Support the execution and monitor of phishing simulation exercises, including user targeting, response tracking, and reporting.
• Respond to and resolve Privilege Access Management (PAM) related activities and service requests within defined Service Level Agreements (SLAs).

Qualifications and Experience :

• Experience working in the IT sector within the cybersecurity or networking fields within the past five (5) years
• Experience in network security and protocols (TCP/IP, VPN, firewalls, IDS/IPS).
• Experience utilizing security tools and platforms (i.e., SIEM systems like Sentinel, antivirus, vulnerability scanners).
• Experience in operating systems and platforms (Windows, Linux).
• Experience in incident response, detect, investigate, and mitigate security threats.
• Experience in risk assessment and management techniques for evaluating risks and implementing effective security solutions.
• Experience in compliance and regulations, i.e., ISO 27001 and NIST security frameworks, privacy legislation, etc.
• Experience in scripting and automation (e.g. Python, PowerShell, Bash).
• Experience in penetration testing and ethical hacking is considered an asset.
• Education: Bachelor's Degree in a related field and active Networking/cybersecurity certifications (i.e., Network+, Security+, CISSP, CEH, GSEC) is considered an asset.
• Excellent communication (written and verbal) in English is required.
• Must be authorized to work in Canada.

Note : Must be legally eligible to work in Canada. Unfortunately, we are not able to sponsor candidates.

Our Company :

Charter is an award-winning Canadian IT Solutions and Managed Services Provider founded in 1997 in Victoria, BC, Canada. With offices nationwide, Charter offers innovative IT solutions, managed services, project delivery, and consulting. Our mission is to align people, processes, and technologies to enhance communication, boost performance, and modernize businesses. Using a business architecture methodology and human-centered design, we drive successful digital transformations, unlock new opportunities, and promote growth. We empower our clients to focus on core operations with our comprehensive support.

Let Charter drive your business outcomes Forward, Together.

Job Description

Salary:

Position Title: Security Analyst

Location: Regina, SK

Overview:

Charter is currently seeking one (1) experienced Security Analyst to join our team starting October 2025. The ideal candidate will have 5+years of recent experience in cybersecurity and/or network security in an enterprise IT environment. Previous experience in incident response, detecting, investigating, and mitigating security threats is required. Strong experience in network security and protocols (TCP/IP, VPN, firewalls, IDS/IPS) and utilizing security tools (i.e. SIEM: Sentinel, antivirus, vulnerability scanners). Experience in risk assessment, risk management, and implementing effective security solutions is an asset. Location: Regina, SK (Onsite). Term: 24 months. Strong possibility of extension.

Responsibilities:

• Manage and respond to security incident tickets via ServiceNow.
• Analyze the potential impact of new threats and communicate risks to relevant business units.
• Create and maintain security reports, i.e., Risk Management Decision Item (RMDI), incident reports, HR investigations, and lost/stolen reports.
• Perform root cause analysis of the incident and take prompt actions.
• Analyze cybersecurity incidents to solve issues and suggest improvement.
• Create detailed reports and documentation of all incidents and procedures to the stakeholders on a routine basis.
• Support the execution and monitoring of phishing simulation exercises, including user targeting, response tracking, and reporting.
• Respond to and resolve Privilege Access Management (PAM) related activities and service requests within defined Service Level Agreements (SLAs).

Qualifications and Experience:

• 5+years of recent experience in cybersecurity and/or network security in an enterprise IT environment.
• Experience in network security and protocols (TCP/IP, VPN, firewalls, IDS/IPS).
• Experience utilizing security tools and platforms (i.e., SIEM systems like Sentinel, antivirus, vulnerability scanners).
• Experience in operating systems and platforms (Windows, Linux).
• Experience in incident response, detecting, investigating, and mitigating security threats.
• Experience in risk assessment and management techniques for evaluating risks and implementing effective security solutions.
• Experience in compliance and regulations, i.e., ISO 27001 and NIST security frameworks, privacy legislation, etc.
• Experience in scripting and automation (e.g. Python, PowerShell, Bash).
• Experience in penetration testing and ethical hacking is considered an asset.
• Education: Bachelors Degree in a related field and active Networking/cybersecurity certifications (i.e., Network+, Security+, CISSP, CEH, GSEC) is considered an asset.
• Excellent communication (written and verbal) in English is required.
• Must be authorized to work in Canada.

Note: Must be legally eligible to work in Canada. Unfortunately, we are not able to sponsor candidates.

Our Company:

Charter is an award-winning Canadian IT Solutions and Managed Services Provider founded in 1997 in Victoria, BC, Canada. With offices nationwide, Charter offers innovative IT solutions, managed services, project delivery, and consulting. Our mission is to align people, processes, and technologies to enhance communication, boost performance, and modernize businesses. Using a business architecture methodology and human-centered design, we drive successful digital transformations, unlock new opportunities, and promote growth. We empower our clients to focus on core operations with our comprehensive support.

Let Charter drive your business outcomes Forward, Together.

Not quite a fit for this role? Please forward your resume to or for future considerations.

Job Description

Position Title : Security Analyst

Location : Regina, SK

Overview :

Charter is currently seeking one (1) experienced Security Analyst to join our team starting October 2025. The ideal candidate will have 5+yrs of recent experience in cybersecurity and/or network security in an enterprise IT environment. Previous experience in incident response, detect, investigate, and mitigate security threats is required. Strong experience in network security and protocols (TCP/IP, VPN, firewalls, IDS/IPS) and utilizing security tools (i.e. SIEM: Sentinel, antivirus, vulnerability scanners). Experience in risk assessment, risk management, and implementing effective security solutions is an asset. Location: Regina, SK (Onsite). Term: 24 months. Strong possibility of extension.

Responsibilities :

• Manage and respond to security incident tickets via ServiceNow.
• Analyze the potential impact of new threats and communicate risks to relevant business units.
• Create and maintain security reports, i.e., Risk Management Decision Item (RMDI), incident reports, HR investigations, and lost/stolen reports.
• Perform root cause analysis of the incident and take prompt actions.
• Analyze cyber security incidents to solve issues and suggest improvement.
• Create detailed reports and documentation of all incidents and procedures to the stakeholders on a routine basis.
• Support the execution and monitor of phishing simulation exercises, including user targeting, response tracking, and reporting.
• Respond to and resolve Privilege Access Management (PAM) related activities and service requests within defined Service Level Agreements (SLAs).

Qualifications and Experience :

• Experience working in the IT sector within the cybersecurity or networking fields within the past five (5) years
• Experience in network security and protocols (TCP/IP, VPN, firewalls, IDS/IPS).
• Experience utilizing security tools and platforms (i.e., SIEM systems like Sentinel, antivirus, vulnerability scanners).
• Experience in operating systems and platforms (Windows, Linux).
• Experience in incident response, detect, investigate, and mitigate security threats.
• Experience in risk assessment and management techniques for evaluating risks and implementing effective security solutions.
• Experience in compliance and regulations, i.e., ISO 27001 and NIST security frameworks, privacy legislation, etc.
• Experience in scripting and automation (e.g. Python, PowerShell, Bash).
• Experience in penetration testing and ethical hacking is considered an asset.
• Education: Bachelor's Degree in a related field and active Networking/cybersecurity certifications (i.e., Network+, Security+, CISSP, CEH, GSEC) is considered an asset.
• Excellent communication (written and verbal) in English is required.
• Must be authorized to work in Canada.

Note : Must be legally eligible to work in Canada. Unfortunately, we are not able to sponsor candidates.

Our Company :

Charter is an award-winning Canadian IT Solutions and Managed Services Provider founded in 1997 in Victoria, BC, Canada. With offices nationwide, Charter offers innovative IT solutions, managed services, project delivery, and consulting. Our mission is to align people, processes, and technologies to enhance communication, boost performance, and modernize businesses. Using a business architecture methodology and human-centered design, we drive successful digital transformations, unlock new opportunities, and promote growth. We empower our clients to focus on core operations with our comprehensive support.

Let Charter drive your business outcomes Forward, Together.

Job Description

Position Title : Security Analyst

Location : Regina, SK

Overview :

Charter is currently seeking one (1) experienced Security Analyst to join our team starting October 2025. The ideal candidate will have 5+yrs of recent experience in cybersecurity and/or network security in an enterprise IT environment. Previous experience in incident response, detect, investigate, and mitigate security threats is required. Strong experience in network security and protocols (TCP/IP, VPN, firewalls, IDS/IPS) and utilizing security tools (i.e. SIEM: Sentinel, antivirus, vulnerability scanners). Experience in risk assessment, risk management, and implementing effective security solutions is an asset. Location: Regina, SK (Onsite). Term: 24 months. Strong possibility of extension.

Responsibilities :

• Manage and respond to security incident tickets via ServiceNow.
• Analyze the potential impact of new threats and communicate risks to relevant business units.
• Create and maintain security reports, i.e., Risk Management Decision Item (RMDI), incident reports, HR investigations, and lost/stolen reports.
• Perform root cause analysis of the incident and take prompt actions.
• Analyze cyber security incidents to solve issues and suggest improvement.
• Create detailed reports and documentation of all incidents and procedures to the stakeholders on a routine basis.
• Support the execution and monitor of phishing simulation exercises, including user targeting, response tracking, and reporting.
• Respond to and resolve Privilege Access Management (PAM) related activities and service requests within defined Service Level Agreements (SLAs).

Qualifications and Experience :

• Experience working in the IT sector within the cybersecurity or networking fields within the past five (5) years
• Experience in network security and protocols (TCP/IP, VPN, firewalls, IDS/IPS).
• Experience utilizing security tools and platforms (i.e., SIEM systems like Sentinel, antivirus, vulnerability scanners).
• Experience in operating systems and platforms (Windows, Linux).
• Experience in incident response, detect, investigate, and mitigate security threats.
• Experience in risk assessment and management techniques for evaluating risks and implementing effective security solutions.
• Experience in compliance and regulations, i.e., ISO 27001 and NIST security frameworks, privacy legislation, etc.
• Experience in scripting and automation (e.g. Python, PowerShell, Bash).
• Experience in penetration testing and ethical hacking is considered an asset.
• Education: Bachelor's Degree in a related field and active Networking/cybersecurity certifications (i.e., Network+, Security+, CISSP, CEH, GSEC) is considered an asset.
• Excellent communication (written and verbal) in English is required.
• Must be authorized to work in Canada.

Note : Must be legally eligible to work in Canada. Unfortunately, we are not able to sponsor candidates.

Our Company :

Charter is an award-winning Canadian IT Solutions and Managed Services Provider founded in 1997 in Victoria, BC, Canada. With offices nationwide, Charter offers innovative IT solutions, managed services, project delivery, and consulting. Our mission is to align people, processes, and technologies to enhance communication, boost performance, and modernize businesses. Using a business architecture methodology and human-centered design, we drive successful digital transformations, unlock new opportunities, and promote growth. We empower our clients to focus on core operations with our comprehensive support.

Let Charter drive your business outcomes Forward, Together.

Job Title- Security Analyst

Location:- Regina, Saskatchewan, Canada (Onsite)

Duration- 12+ Months (Possible Extension)

Qualifications

MANDATORY

• Candidate must demonstrate experience working in the IT sector within the cybersecurity or networking fields within the past five (5) years.
• Local Knowledge: Client is interested in understanding the Resource’s experience with client, or comparable entities, as it relates to the technical and business landscape. Describe in detail. This requirement is heavily weighted. Provide specific detailed examples.
• Demonstrated working experience with network security and protocols (TCP/IP, VPN, firewalls, IDS/IPS). Provide specific detailed examples.
• Demonstrated working experience with security tools and platforms (e.g. SIEM systems like Sentinel, antivirus, vulnerability scanners). Provide specific detailed examples.
• Demonstrated working experience with operating systems and platforms (Windows, Linux). Provide specific detailed examples.
• Demonstrated working experience with incident response and handling with an ability to detect, investigate, and mitigate security threats. Provide specific detailed examples.
• Demonstrated working experience with risk assessment and management techniques for evaluating risks and implementing effective security solutions. Provide specific detailed examples.
• Demonstrated awareness of compliance and regulations such as ISO 27001 and NIST security frameworks, privacy legislation, etc. Provide specific detailed examples.
• Demonstrated working experience with scripting and automation skills (e.g. Python, PowerShell, Bash). Provide specific detailed examples.
• Demonstrated working experience with penetration testing and ethical hacking is considered an asset. Provide specific detailed examples.

Role and Responsibilities

MANDATORY

• The Security Analyst(s) are envisioned to participate in all projects to which they are assigned and perform work including, though not necessarily limited to:
• Handling the security queue in the ServiceNow application used to manage security incident tickets and comply with incident response plans and processes to address potential threats;
• Analyzing the potential impact of new threats and communicate risks to relevant business units;
• Creating and maintaining operational reporting artifacts (e.g. Risk Management Decision Item (RMDI), incident reporting, human resource (HR) investigations, lost/stolen reporting, etc.);
• Compiling and analyzing data for management reporting and metrics;
• Coordinating with CSRMB to create security awareness campaigns. Research proactively regarding needs and trends to anticipate and identify potential security problems/incidents;
• Responding to computer security incidents according to the security incident response policy and provides guidance to first responders for handling information security incidents;
• Coordinating efforts among multiple business units during security incident response efforts;
• Engaging stakeholders to fulfill their requests (e.g. decommission request, assets decommission executions, etc.). Coordinate with other peers in CSRMB to research needs and trends to anticipate security problems or incidents;
• Assessing security incidents and taking prompt actions in terms of engaging required stakeholders and performing root cause analysis of the incident. Stay updated on information security-related attacks and trends;
• Proactively coordinating with appropriate stakeholders across client OS during a security incident – management, security, operations, and others. Provides timely and relevant updates to appropriate stakeholders and decision-makers;
• Analyzing cyber security incidents to solve issues and suggest improvement in incident response procedures. Creates detailed reports and documentation of all incidents and procedures to the CSRMB, executive government, and leadership of client on a routine basis;
• Supporting the execution and monitoring of phishing simulation exercises, including user targeting, response tracking, and reporting; and
• Responding to and resolving Privilege Access Management (PAM) related activities and service requests within defined Service Level Agreements (SLAs) using ServiceNow.