Lead, Threat Detection and Response
at Teck
Vancouver, BC, Canada -
| Start Date | Expiry Date | Salary | Posted On | Experience | Skills | Telecommute | Sponsor Visa |
|---|---|---|---|---|---|---|---|
| Immediate | 28 Feb, 2025 | USD 144000 Annual | 29 Jan, 2025 | 10 year(s) or above | Powershell,Service Providers,Security Tools,Python,Threat Intelligence,Automation Tools,Risk,Security Operations,Incident Response,Platforms | No | No |
Required Visa Status:
| Citizen | GC |
| US Citizen | Student Visa |
| H1B | CPT |
| OPT | H4 Spouse of H1B |
| GC Green Card |
Employment Type:
| Full Time | Part Time |
| Permanent | Independent - 1099 |
| Contract – W2 | C2H Independent |
| C2H W2 | Contract – Corp 2 Corp |
| Contract to Hire – Corp 2 Corp |
Description:
QUALIFICATIONS
- 10+ years of experience in cybersecurity, with a focus on threat detection and incident response
- Proven track record in managing and automating security operations and leading security teams
- Experience in designing and implementing automated detection and response strategies
- Experience in leading third-party security service providers
- Certified Information Systems Security Professional (CISSP) and Certified Information Security Manager (CISM) or equivalent
- Additional relevant certifications (e.g., CEH, GIAC, GCIH) are a plus
- Demonstrated Teck values by being responsible and courageous, respectful and inclusive, and humble and driven
- An awareness of and ability to increase maturity by building on context, handle risk by assessing trade-offs, standardize process, and to keep Teck safe by anticipating needs
- Solid understanding of security operations, including threat intelligence, threat detection, incident response, and offensive security
- Proficiency in multiple security incident and event management (SIEM) platforms
- Expertise in security orchestration and automated response (SOAR) platforms
- Strong coding and scripting skills in Python, PowerShell, or similar languages
- Experience with detection rule languages and frameworks (e.g., YARA, Sigma)
- Knowledge of security automation tools and platforms (e.g., SOAR, XDR)
- Understanding of APIs and integration techniques for security tools
- Demonstrated personal accountability, transparency and an overall growth mentality
Responsibilities:
- Be a courageous safety leader, adhere to and sponsor safety and environmental rules and procedures
- Champion the 3 lines of defense model for risk management and act as a 2nd line of defense facilitator regularly interacting with the 1st line of defense
- Develop and implement automated detection rules and processes in SIEM and other security tools
- Write and maintain detection scripts and rule sets in code (e.g., using Python, YARA, Sigma)
- Build and maintain automated incident response playbooks and workflows using SOAR platforms
- Integrate detection and incident response tools with other security platforms to enable seamless, automated threat identification and response
- Conduct regular testing and validation of automated detection and response processes
- Collaborate with the threat intelligence team to ensure detection and response rules are informed by the latest threat intelligence
- Apply machine learning and artificial intelligence to improve detection and response capabilities
- Provide leadership, mentorship, and support to the team on day-to-day operations and critical initiatives
REQUIREMENT SUMMARY
Min:10.0Max:15.0 year(s)
Information Technology/IT
IT Software - Network Administration / Security
Software Engineering
Graduate
Proficient
1
Vancouver, BC, Canada
