Security Operations - Security Operations Analyst

at  F12net

WHO WE ARE:

F12 was built by uniting IT consulting firms from across Canada around a common vision – to combat risk and complexity by continuously crafting business technology platforms that empower business leaders to focus and thrive. We aim to elevate IT conversations (from ingredients to outcomes) and deliver fully designed solutions where there are no bad options.

GENERAL DESCRIPTION:

Look no further if you seek the fast lane into an IT career or wish to supercharge your professional development. You will collaborate with a diverse team and gain exposure to technology services in scores of businesses; your resume will become rich with experience and accomplishments. F12 is on a mission to elevate our employees. We are doing this by building and retaining an elite team of IT professionals equipped to deliver unmatched service to Canadian business leaders and their teams. We value humble service, self-improvement, hard work, and we are looking for like-minded-minded individuals to join us on our journey.
The Position: The Security Operations Analyst role is one where we look to build a rich and capable team of security professionals to deliver security services to the SMB market. Our security analysts are expected to be involved in highly technical investigations and support the delivery of meaningful, accurate results for both internal and external customers in a dependable and targeted manner. Time management and in-depth knowledge of all internal and many external products and services are imperative to success. The successful candidate will be relied on to identify threats and handle any security incident or customer request in the SOC.

• Apply investigative tactics, techniques, and procedures (TTPs) using your understanding of the security threats associated with the incoming signals to accurately follow Runbooks.
• Analyze incoming security signals in real time with a balance of accuracy and speed using a variety of proprietary and third-party tools.
• Handle in-depth investigations, digital forensics (network, endpoint, log), and customer requests, conveying results to clients by e-mail and phone as needed.
• Investigate security incidents and contribute to incident response reports and after-action reviews.
• Participate in various internal projects and initiatives to increase SOC efficiency and improve SOC tooling.
• Perform audits and secondary review of selected signals, following up with analysts and customers when necessary.
• Block malicious network traffic, isolate infected hosts on customers’ networks, and perform other remediation actions using internal and third-party tools.
• Complete intermediate customer support requests, service administration and troubleshooting tasks.
• Support and mentor analysts during investigations or customer inquiries.
• Identify gaps in processes and procedures and escalate them to the appropriate teams.
• Provide input to our Learning and Development team on training content.
• Perform manual triaging of triggered alerts to identify potential security incidents and threats
• Document true positives and initiate incident response as needed
• Lead individual stages of incident response as needed
• Collaborate efficiently with internal and external stakeholders
• Document incident response workflow and maintain chain of custody for collected evidence
• Compile post-incident report and present evidence and documentation to executive and legal teams, and law enforcement agencies as needed
• Support special security and compliance requirements of external parties
• Ensure security operations duties are executed in accordance with security policies, procedures, and third party or compliance obligations
• Ability to independently run threat hunting
• Ability to independently perform security assessments, pen-testing and red-teaming in IT and OT environments

Who You Are

• 3+ years’ experience of overall network topology; network security; internet, intranet, extranet technologies; and operating systems.
• A bachelor’s degree in Computer Science or Computer Engineering, or Electrical Engineering with a focus in Information Technology
• Information security certifications, such as Security+, CySA+, CEH, PenTest+ are desirable.
• Growth mindset, with a passion for learning
• Collaborative with an ability to cultivate relationships and networks
• Agile, technically savvy, with a knack at creating solutions
• Creative thinker with a unique ability for resourcefulness
• Strong analytical and organizational skills, effective written and verbal communication skills, and team oriented.
• Familiarity with information security vulnerabilities and risk management.

What You Can Expect from Us: We take pride in our forward-thinking, dynamic culture that champions diversity and inclusivity and fosters a respectful working environment. We also want to make sure that however you get IT done in all parts of your life, we’ve got your back. Here are some of the components of our total rewards plan:

• Health Spending or RRSP Matching
• Three weeks vacation plus extra Flex Days
• Reimbursements for educational advancement and certifications
• Leadership development opportunities and growth coaching