Posted on Updated on

Senior Information Security Specialist

Cyber and Information Security

What you’ll do

 

Supporting the Senior Cyber Incident Response Team (CIRT), the Senior Information Security Specialist is a crucial member of our security posture, tasked with protecting our organization’s digital assets through advanced threat detection and response operations. This seasoned professional not only leads these initiatives but also refines detection engineering strategies and mentors junior analysts. Key responsibilities include proactive threat identification, real-time event monitoring, and implementing robust solutions to enhance our security posture. The Senior CIRT Analyst connects day-to-day activities with strategic cybersecurity initiatives by crafting sophisticated detection rules, conducting thorough threat hunts, and improving operational protocols. Collaboration with the Cyber Security Engineering team ensures optimal configuration and deployment of detection platforms, making our defenses both adaptive and strong. The role requires managing multiple tasks under pressure, participating in a rotational on-call schedule for 24/7 incident coverage, and working closely with various stakeholders for effective incident management and mitigation.

 

Working Conditions:

  • Competing Priorities: Flexibility to prioritize and handle multiple tasks simultaneously, ensuring timely and effective threat detection and response.
  • Rotational On-Call Duty: Participation in an on-call schedule, requiring availability during off-hours, weekends, and holidays as needed.
  • Collaborative Team Setting: Frequent interaction with cross-functional teams including IT, legal, and business units to coordinate comprehensive incident response efforts.
  • Continuous Learning: Staying current with evolving cyber threats and security technologies to maintain a robust defense strategy.
  • High-Pressure Environment: Ability to manage high-stakes incidents with potentially significant impact on the organization.

 

Technical Expertise:

  • Incident Management: Lead high-priority investigations, ensuring swift containment and remediation of incidents while meticulously documenting all activities and findings.
  • Detection Engineering: Design, test, and deploy advanced detection rules and logic (e.g., SIEM use cases, KQL queries, Logic Apps) to identify and neutralize security threats.
  • Threat Hunting: Conduct proactive threat-hunting exercises to uncover advanced persistent threats (APTs), using threat intelligence and behavioral analytics.
  • Platform Optimization: Collaborate with security engineers to fine-tune security tool configurations, ensuring optimal efficiency and reliability in threat detection and response processes.
  • Threat Assessment: Perform detailed assessments of systems, networks, and applications to identify potential vulnerabilities, providing actionable recommendations for risk mitigation.
  • Attack Path Analysis: Extract attack paths and Tactics, Techniques, and Procedures (TTPs) to analyze cyber threat actor behaviors.
  • IOC Extraction: Identify Indicators of Compromise (IOCs) during investigations to understand threats better and enhance detection capabilities.

 

Operational Excellence:

  • Metrics and Reporting: Generate detailed security reports for leadership that summarize key findings, operational trends, and actionable recommendations. Utilize tools like PowerBI and ServiceNow dashboards for data visualization. Leverage Excel for creating detailed reports that include pivot tables, charts, graphs, and other data analytics functionalities.
  • Change Management: Oversee changes to CIRT tools and processes in accordance with established change control procedures.
  • Stakeholder Engagement: Work closely with cross-functional teams to align security initiatives with business objectives, ensuring seamless communication during incidents.
  • Knowledge Sharing: Develop and deliver comprehensive training materials to enhance team competency in incident detection, response techniques, and detection engineering.
  • Process Improvement: Spearhead the development and refinement of CIRT workflows and playbooks, ensuring they adhere to industry best practices and organizational objectives.

 

What you bring

 

Technical Qualifications:

  • Bachelor’s degree in computer science, Cybersecurity, or a related technical field; equivalent experience will also be considered.
  • Minimum of 5 years of experience in CIRT operations or similar cybersecurity analysis roles.
  • Proven expertise in detection engineering utilizing tools like Sentinel or similar solutions for rule development and optimization.
  • Hands-on experience with incident response protocols covering containment, eradication, and recovery phases.
  • Solid understanding of cybersecurity frameworks such as NIST, ISO/IEC 27001, and MITRE ATT&CK.
  • Strong verbal and written communication skills.
  • Relevant certifications such as CISSP (Certified Information Systems Security Professional), GCIH (GIAC Certified Incident Handler), GCIA (GIAC Certified Intrusion Analyst), or CEH (Certified Ethical Hacker).
  • Advanced proficiency in developing detection logic using KQL, Logic Apps, etc.
  • Demonstrated ability to lead complex incident investigations from start to finish.
  • Proven experience in leveraging tools and intelligence for proactive threat hunting.
  • Knowledge of securing and monitoring cloud environments such as AWS, Azure, or Google Cloud.
  • Familiarity with automating CIRT workflows using SOAR platforms or scripting languages (e.g., Python).

 

Individual Competencies

  • Integrity: Consistently takes responsibility for actions and adheres to ethical standards; respects confidentiality regardless of pressure from others.
  • Teamwork: Fosters collaborative relationships within the organization; builds partnerships to achieve shared goals.
  • Curiosity: Displays an eagerness to learn new knowledge; values the contributions of others towards personal growth and organizational improvement.
  • Analytical & Critical Thinking: Employs a logical approach to solving problems systematically.
  • Problem Solving: Efficiently gathers information to develop viable solutions while evaluating the accuracy and relevance of facts.
  • Collaboration: Works effectively with others to achieve collective goals.

 

Hybrid

We value flexibility. We have adopted a hybrid work model whereby employees use a combination of working in office and virtually in service of outcomes. Each leader is empowered to decide what work is best achieved in person based on the unique needs of their team. #LI-AG2

Apply

 

Company
Canadian Tire Corporation, Limited (“CTC”)
Job Type
Remote-Hybrid
6 views
Contact details
Toronto, Ontario, Canada
Contact listing owner
Please, login to contact this listing owner.