Toronto, Ontario, Canada
All Available Locations:
External Posting Description
Reporting to the SOC Implementation Manager, you are self-motivated, energetic, driven for success and results-oriented. Your knowledge of security devices, system administration, security operations processes, incident management, professional services and the firm will help you to support delivery and execution of managed security services offered by Deloitte. You will also be a key player and part of a team providing world-class security operations capabilities for our clients and a capability aligned with our strategic direction and that helps the firm better deliver on new and existing engagements. This position will focus on supporting and maintaining the new and existing clients in the SOC. Our network of Cyber Intelligence Centers in Canada is located in Montreal, Toronto, and Calgary. We are recruiting in each of our centers. Occasional travel to local clients will be required and there are also opportunities for travel nationally and globally if the candidate is interested. Ability to obtain Government of Canada Secret security clearance.
- Responsible for Content Development (rules, use cases, reports, queries, etc.) in security information and event management (SIEM).
- Generate and implement rules based on specific client requirements.
- Tuning/testing of content to reduce false positives within the SIEM
- Create documentation (playbooks) of all content created
- Provide input, direction and strategic decisions to help drive content decisions within the SIEM which are based on the industry's best practices
- Ability to assess the content as a result of changes in the client environment.
- Providing reports on a monthly basis or ad hoc communicating the changes in the content in the SIEM platform
- Integrate threat intelligence from various sources into existing and new content
- Customize security content including filters/rules/report creation and vulnerability mapping
External Posting Qualifications
- Bachelor's degree in information security, computer science, or related field
- Minimum of two (2) years of experience working in information security with a Security Operations Centre (SOC)
- Minimum of three (3) years of SIEM Content Development experience
- Experience with SIEM technologies (e.g. ArcSight, ELK, QRadar etc.)
- Experience working with Linux and Windows OS
- Experience working with Java, Python, and Perl scripting
- Strong work experience with multiple security technologies (IDS/IPS, Firewalls, Load Balancers, Routing and Switching etc.)
- Industry certifications (CISSP/GIAC) are a strong asset
- Prior experience in information security consulting is an asset
- Advanced knowledge of security analytics, reporting and creative thinking
- Experience integrating new log sources and data correlation rules into the SIEM
Salary Range: 88,000.00 to 102,000.00 Canadian Dollars
Benefits Package: Employee Variable Pay Plan providing an individual performance bonus up to 5% of base salary and an additional discretionary bonus opportunity based on the firm's growth. Medical and Dental Insurance, 1,300 CDN in Wellness spending. Entitlement to 15 days of vacation annually. Eligible for additional discretionary bonus, increase in salary and/or promotion, the whole in accordance with firm policies and guidelines.
Location of Work: 400 Applewood Crescent, Suite 500, Vaughan, ON L4K 0C3
Contact Information and Business Address: Bay Adelaide Centre, East Tower, 22 Adelaide Street West, Suite 200, Toronto, ON M5H 0A9, deloitte.ca
Get your career off to a great start. What impact will you make?
We’re always looking for people with the relentless energy to drive and push themselves further to find new avenues and unique ways of reaching our shared goals. At Deloitte, we know
To apply for this job please visit the following URL: https://www.tiptopjob.com/jobs/67591286_job.asp?source=trovit