At Algonquin-Liberty, we hire passionate people who care about doing the right thing for our customers. We are entrepreneurial, creative, and outcome-focused. Here, your natural talent and achievements will flourish in an inclusive environment of teamwork, trust and continuous learning. We are always pursuing excellence to exceed our ambitions goals, rewarding both the goal outcome and how we achieve it.

ACCOUNTABILITIES

• Monitor, track, and report on security alerts, and incidents that happen throughout the day.
• Develop and deploy dashboards and reporting to meet Liberty’s needs
• Perform incident response activities as directed
• Validate suspicious events and incidents using open-source and proprietary intelligence sources
• Perform as an escalation point for Tier I and II Analysts, as necessary, related to alerts
• Standardize and Maintain Incident Response Playbooks
• Perform forensic analysis on workstations, malware, malicious domains, etc.
• Leverage strong communication skills, written and verbal
• Monitor Security Monitoring Tools for Alerts
• Support ITSRC projects and IT engagements
• Review, document, evaluate, and support response to reported phishing emails.
• Develop and compile reports on security incidents (phishing, viruses, breaches, etc.)
• Respond to and research innovation request technologies submitted by the business. Triage and provide recommendations to IT Security Risk and Compliance leads.

EDUCATION AND EXPERIENCE

• University - Bachelor degree or equivalent experience
• 5 + years of cybersecurity experience
• Relevant security certifications is an asset (i.e., GCIA, GCIH, GSOC, Security+, CISSP, etc.)
• Strong background in ticket management systems
• Strong familiarity in incident response
• Windows-Administration background
• Familiarity of IT Best-Practices (NIST, ISO27001)
• Understanding of antimalware technologies (Signature-based & Heuristic)
• Solid understanding of threat vectors and incident response investigation best-practices
• PC skills and hands-on experience building tools and presentations with Microsoft Word, Excel, PowerPoint, Project, and Access.
• Knowledge of scripting languages is required
• Strong documentation skills required
• Knowledge of information security industry best practices is required

As the Analyst III, Security Operations will be responsible for maintaining the confidentiality, integrity and availability of information assets and ensuring operational best practices and delivering on agreed upon service expectations and procedures. As a Security Operations Analyst III at Liberty, you will be collaborating with stakeholders across the organization to operate and sustain a security operations program. You will be instrumental in operationalizing the Security Operations Team at Liberty – defending both the Information Technology (IT) and Operational Technology (OT) environments against an ever-evolving threat landscape. You will work alongside the IT Infrastructure, IT Operations, and other security partners within Liberty to support the enterprise cybersecurity program. You will be an active team member in daily Security Operations which includes Incident Monitoring & Response, Web Application Firewall administration, SIEM administration, Threat Intelligence gathering, Threat Hunting, Tabletop Exercise execution, Red & Blue team engagements, and Vulnerability Management, developing hardened configurations, and improving system protection configurations. Your role will also include supporting various IT related engagements such as supporting regulatory and compliance requirements (NERC CIP, SOX, PCI-DSS). The Analyst III, Security Operations must apply their advanced knowledge of security technology and operations gained extensive professional experience with these technologies, processes, and theories. You will help develop and coach junior members of the team in advancing their knowledge and expertise upon effective security operations and administration.
The Analyst III, Security Operations will be responsible for maintaining the confidentiality, integrity and availability of information assets and ensuring operational best practices, delivering on agreed upon service expectations and procedures

LI-Remote