Senior Analyst

at  WestJet

WHY WESTJET:

Every WestJet journey has the potential to enrich lives; a career with us is no exception.
WestJet arrived on the Canadian airline scene in 1996 and changed the industry for the better. We made air travel more affordable for Canadians and now we’re going global.

EXPERIENCE AND QUALIFICATIONS:

• Typically requires a bachelor’s degree and 5+ years of experience, or an equivalent combination of training and experience.
• Strong technical competence with multiple security platforms and services (EDR, IPS/IDS, NGFW, SIEM, email security, CASB, DLP).
• Information security certification (for example CISSP, GCIH GCFA).
• Strong working knowledge of and demonstrated ability to apply common frameworks and models used for Information Security, such as MITRE, NIST CSF, and SANS.
• Familiarity with regulations such as GDPR, PIPEDA and PCI DSS.
• Strong knowledge of industry standards on policies, standards and guidelines relating to information security.
• Good knowledge and understanding of network security, application security, data security and cloud security domains.
• Requires expert problem-solving skills.

HYBRID ROLE:

This position requires collaboration at the WestJet Campus (22 Aerial Place NE) a minimum of 3 days per week.

OVERVIEW OF ROLE:

The Senior Analyst – Threat Detection and Response is responsible for responding to escalated incidents from the Security Operations Centre, developing use cases for improvements to response / automation, and participate with the CSIRT when called. The successful candidate will build strong relationships within the larger Cyber and IT teams to communicate finding and solutions to remediate threats and vulnerabilities. They will collaborate with the Cyber teams on our improvements to incident detection and response times.

KEY DELIVERABLES AND RESPONSIBILITIES INCLUDE:

• Works on complex analysis of cybersecurity events across multiple security platforms with the potential to affect multiple IT and Business teams, where advanced business acumen and/or ingenuity are required.
• Assignments require in-depth analysis of cybersecurity events, malware, network traffic, and other threat data with minimal precedent.
• Applies in-depth knowledge, skills, and practices to correlate events and communicate findings to incident stakeholders.
• Demonstrates advanced knowledge of cybersecurity disciplines with a focus on Incident Response and Threat Intelligence. Has an in-depth understanding of the potential business and industry impact.
• Identifies opportunities to develop new processes, tools, and services that improve event analysis and incident response, decreasing overall time to detect and respond.
• Take Ownership of projects, processes, and milestones on semi-regular basis.
• Works under minimal supervision. Requires little to no instruction on day-to day work and general direction on more complex tasks and projects.
• Collaborates within the Cybersecurity Operations team to develop threat hunting use cases, perform investigations, and analyze findings.
• Serves as a resource integrator – builds professional networks by identifying and connecting resources to solve issues and achieve goals. Regularly contributes actionable ideas in planning and design sessions.