Senior Specialist, IS Protection Centre

Date: Jun 26, 2019

Location: Ottawa, ON, CA

Company: Bell

Req Id: 236607

At Bell, we do more than build world-class networks, develop innovative services and create original multiplatform media content – we’re revolutionizing how Canadians communicate.

If you’re ready to bring game-changing ideas to life and join a community that values bold ideas, professional growth and employee wellness, we want you on the Bell team.

Corporate Services is at the centre of the action, providing the support that enables Bell’s industry leadership. Our Corporate Security & Responsibility, Communications, Human Resources, Procurement & Value Creation and Real Estate teams work collaboratively to drive our corporate strategy forward.

Corporate Services – Corporate Security

Bell is currently seeking an experienced candidate for a position within the Information Security Protection Centre.  Reporting to the Senior Manager – Digital Forensics and Incident Response (DFIR), this person is responsible to assist with Digital Forensics, eDiscovery, and Incident Response activities for BCE and its subsidiaries.   The candidate should be an independent, critical thinker skilled in analyzing data while working effectively with other internal and external teams to conduct cyber investigations and respond to eDiscovery matters. The candidate must also be able to work in high-pressure situations for extended periods of time as a core member of Bell’s Cyber Incident Response Team (CIRT). 


Job duties/Accountabilities:

  • Conduct PC, server, email, mobile device, RAM, Social Media and Cloud based forensic examinations including preservation, acquisition, and analysis of digital evidence
  • Investigate network and computer intrusions to identify root cause and generate indicators of compromise (IoC) in conjunction with Bell’s Cyber Threat Intelligence team
  • Generate high quality forensic reports and synopses presenting complex technical processes and findings clearly and concisely to technical and non-technical business unit managers
  • As part of Bell’s blue team, working in conjunction with Bell’s red team in exercises towards the common goal of continuing to improve security within BCE and its subsidiaries
  • Both daytime and on call rotations as Duty Officer performing 7x24x365 triage as well as Incident Handling and Response for Bell’s Cyber Incident Response Team

Qualifications – REQUIRED:

  • 5+ years of experience performing forensic acquisition and examination of Windows, Unix/Linux, and Macintosh-based PCs and servers
  • Understanding of multiple forensic platforms and tools – EnCase, Relativity, NUIX, Axiom, FTK, X-Ways Forensics, Volatility, Sleuthkit, BlackBag tools, and/or various Open Source forensic tools.
  • Hands-on experience performing network traffic and/or log analysis
  • Working knowledge of computer/server virtualization/hardware (e.g. VMware, PCI, USB, Firewire)
  • Working knowledge of storage/filesystem configurations (i.e., SANs, RAIDs, SAS, SATA, NTFS, FAT32)

Qualifications – Desired:

  • Understanding of evidence handling and chain-of-custody procedures
  • Forensic lab management experience, including infrastructure (hardware and software), processes, procedures, and supporting documentation based on industry best practices
  • Basic Knowledge of SQL and regular expressions
  • Scripting in one or more of Perl, Python, PowerShell, BASH and/or Windows BATCH
  • Ability to write queries/rules in two or more of LUCENE, Kibana, Splunk, EnCase GREP, YARA

Certifications – Desired (any two or more of the following)

  • Forensics Examiner (e.g. EnCE, ACE, SANS)
  • Incident Handling and/or Response (e.g. SANS, CERT/CC)
  • Canadian Police College (e.g. Cyber Investigator)
  • NUIX Certification(s)
  • Magnet Certification(s)
  • Relativity Certification(s)
  • RAM analysis (e.g. Volatility)
  • Mobile analysis (e.g. Cellebrite, BlackBag, Oxygen, Paraben)

Equally important are soft skills:

  • Strong sense of professionalism and ethics
  • Acts with very high degree of integrity
  • Communicates honestly and openly
  • Passionate about the importance of security, and want to partner with colleagues who need your expertise
  • Providing quality insights to senior stakeholders across the organization, sometimes on short-notice
  • Forward looking self-learner
  • Value truth, openness, and pursuing excellence
  • Ability to reliably and independently ensure things get done
  • Ability to give and receive open and direct feedback
  • Ability to set and manage expectations with senior stake-holders, clients and team members
  • Demonstrate logical argumentation, attention to detail, and critical thinking in documentation and verbal communications


This position requires eligibility to obtain Secret level II clearance (and may require TS+ in the future)


Bilingualism is an asset (English and French); adequate knowledge of French is required for positions in Quebec.


Additional Information:
Position Type: Management 
Job Status: Regular - Full Time 
Job Location: Canada : Ontario : Ottawa 
Application Deadline: 07/26/2019 


Please apply directly online to be considered for this role. Applications through email will not be accepted.


At Bell, we don’t just accept difference - we celebrate it. We’re committed to fostering an inclusive, equitable, and accessible workplace where every team member feels valued, respected, and supported, and has the opportunity to reach their full potential. We welcome and encourage applications from people with disabilities.


Accommodations are available on request for candidates taking part in all aspects of the selection process. For a confidential inquiry, simply email your recruiter directly or to make arrangements. If you have questions regarding accessible employment at Bell please email our Diversity & Inclusion Team at


Created: Canada , ON , Ottawa

#LI-CC2 #Feature TC:ITN

Find similar jobs: