Cyber Security, Specialist

Date: Aug 5, 2019

Location: Montreal, QC, CA

Company: Bell

Req Id: 238072 

 

At Bell, we do more than build world-class networks, develop innovative services and create original multiplatform media content – we’re revolutionizing how Canadians communicate.


If you’re ready to bring game-changing ideas to life and join a community that values bold ideas, professional growth and employee wellness, we want you on the Bell team. 


Bell is making unmatched investments in our world-leading broadband fibre and wireless networks because we know they’re the backbone of the products and services our customers love. If you’re excited about transforming the way people connect, our Network team is the right place for you.  
 

This is a technical role responsible for preventing, detecting and mitigating security events. Daily activities include cyber threat analysis and security event and incident management.

The senior security analyst must demonstrate an appreciation of, and an ability to function within, the Bell security operating environment. The specific focus of the position requires knowledge of the management of all operational processes, procedures and technological capabilities required to support both internal and external managed services customers.

The senior analyst is required to rapidly demonstrate an understanding of each managed customer's contractual requirements as they relate to operational performance and deliverables, the respective internal infrastructure and inter-networking relationships, as well as the required security operating practices as defined by the contracts.

The position is during regular office hours, with after-hours availability (pager) to fulfill a 7/24 operational requirement. The role, as required, must also be capable of serving within a SIRT as called upon, to contribute to or lead specific investigations.

 

Responsibilities: (For Bell SOC external and internal customers)

  • Investigate security events and incidents
  • Deliver recommendations to continuously improve detection, escalation, containment and resolution of incidents
  • Enhance existing incident response methods, tools and processes
  • Collect, assess, and publish threat indicators
  • Maintain knowledge of the current security threat level by monitoring related Internet postings, intelligence reports, and related sources
  • Perform comparative analysis on results collected against threats, vulnerabilities and other malicious technological programs launched through the internet.
  • Perform malware analysis and reverse engineering
  • Perform Network Security Monitoring
  • Participate in on-call rotation
  • Available for extended hours in the event of a major incident

 

The Senior Security Analyst – Lvl3 acts in Bell Canada security operating environments. The specific focus of the position requires knowledge of the management of all operational applications, processes and technological capabilities required to support the managed security deliverables within all security operating centers.

The incumbent is required to understand each managed customer's contracted requirements as they relate to operational performance and deliverables, the respective internal infrastructure and inter-networking relationships, as well as the required security operating practices as defined by the contracts.

 

Accountabilities:

  • Review and interpret alerts and provide diagnostics during incident management and analysis to support clients. (as a LVL3)
  • Perform comparative analysis on results collected against threats, vulnerabilities and other malicious technological programs launched through the internet.
  • Based on the nature of the security threat, assess and establish mitigation steps to ensure appropriate treatment as well as ensure notification of the customer and management as appropriate.
  • Proactively manage all perimeter security equipment, intrusion detection and prevention systems, information event management systems (SIEM), data correlation tools and/or system components as may be required to interrupt or affect the above threat.
  • Configure, implement, manage and maintain security devices as well as provide general knowledge and recommendations for security best practices.
  • Receive customer requests.  Participate in new customer and services integration.  Prepare implementation of services.
  • Develop, maintain and update documentation associated to production releases.
  • Adhere to best practices for security management.
  • Provide 2nd and 3rd level response to security threats and vulnerabilities, and be able to analyze event logs, syslogs, and other data sources to determine the root cause of security events and provide a recommendation to resolve the event.

 

Responsibilities include:

  • Analyzing security events, incidents and problems to provide recommendations on action
  • Actioning escalated incidents, problems and service requests in a timely manner
  • Owning and managing tickets through to resolution
  • Maintaining the relationship to keep clients and management informed throughout the incident, problem and change management cycles
  • Proactive monitoring of client environments using specialized security applications
  • Performing audit and analysis functions on client data
  • Ongoing training and certification to maintain your technical skills at the highest level
  • Participation in a weekly after hours on-call rotation
  • In customer integration, he acts as an SME. (Process integration + technical integration, documentation, training)
  • In operations, he is the one who should challenge the customer when the requirements are not aligned with security best practices. He is part of all major customer projects and is responsible for documenting all changes. (Lvl3 analysts don’t have access to the production environments. They are responsible for documenting the work instructions for the technician who will push the change to Production.)
  • Perform cap and perf reports
  • Participate in monthly calls with customers

 

This specialty covers integration, implementation, modification, and coordination of the installation, testing, operation, troubleshooting, and maintenance of hardware and software systems.

Functions may include conducting needs analyses; planning and scheduling the installation of new or modified hardware/software; developing functional and technical requirements and specifications; allocating systems resources; managing accounts, documentation, and access to systems and equipment; monitoring the performance, capacity, availability, serviceability, and recoverability of installed systems; implementing security procedures and tools; maintaining systems configuration; managing the installation and integration of system patches, updates, and enhancements; and ensuring the rigorous application of information security/information assurance policies, principles, and practices.

 

Specific Experience:

  • Experience / Knowledge of a variety of Intrusion Detection platforms
  • Experience / Knowledge of SIEM technology – HP ArcSight ESM
  • CISSP and any GIAC certification or similar certification desirable
  • Proven experience performing analysis of security events to determine root cause and provide resolution
  • Certification in security incident and event management systems such as ArcSight or enVision
  • Very strong working knowledge of security tools such as firewalls, IDS/IPS, A/V, anti-spam, content management, server and network device hardening
  • Competence in using an internal and external ticketing system for ITIL-based incident, problem and change management
  • Previous experience in troubleshooting day-to-day operational processes such as report generation, data verification, data correlation, etc.
  • Excellent oral, written and documentation skills
  • Methodical and creative approach to problem-solving
  • Completion of University or College program in Computer Science; or 5 years of equivalent industry experience in the information systems field.
  • Proven experience in the design, implementation and troubleshooting of operational security solutions.
  • Proven experience in the implementation, daily management and troubleshooting of firewalls of multiple vendors.
  • Proven experience in the daily management and troubleshooting of the intrusion prevention systems (IPS).
  • Experience translating complex and ambiguous problems into actionable components.
  • Excellent communication and presentation skills.
  • Excellent communication skills in both English and French (written and spoken)

 

Desired Assets:

  • Knowledge of NIST, ISO 27001, ITIL, SAS70 (or 5970) and/or other compliance frameworks;
  • Understanding of mitigating controls at the systems, network, and application level (VPN, Firewalls, Intrusion detection and prevention, security information event management systems (SIEM), server hardening and encryption technologies).
  • Experience with tools used for Security (ArcSight, Tufin, Provider1)
  • Thorough knowledge of security information events management (SIEM) and server hardening and encryption.
  • Experience in building use cases within ArcSight.

 


 

 

Bilingualism is an asset (English and French); adequate knowledge of French is required for positions in Quebec. 

 

Additional Information:

Position Type: Management 
Job Status: Regular - Full Time 
Job Location: Canada : Quebec : Montreal 
Application Deadline: 08/20/2019 

 

Please apply directly online to be considered for this role.  Applications through email will not be accepted.

 

At Bell, we don’t just accept difference - we celebrate it. We’re committed to fostering an inclusive, equitable, and accessible workplace where every team member feels valued, respected, and supported, and has the opportunity to reach their full potential. We welcome and encourage applications from people with disabilities.

 

Accommodations are available on request for candidates taking part in all aspects of the selection process. For a confidential inquiry, simply email your recruiter directly or recruitment@bell.ca to make arrangements. If you have questions regarding accessible employment at Bell please email our Diversity & Inclusion Team at inclusion@bell.ca.

 
