CAN - IT - Security Specialist V at Tekstaff

CAN - IT - Security Specialist V

Tekstaff Toronto, Ontario Full-Time

This is a 6-month contract located in Toronto, Ont/Remote.

If you are interested in this posting, please call me or send me your updated resume formatted in Word. Please fill out the representation agreement and the skills matrix chart.

If you are not interested but know of someone who meets these criteria, please feel free to forward them my contact information.

Please fill out the email confirmation below, clearly stating the job #, title and permission to TekStaff allowing us to present you for this role.
 
“I, give Tekstaff IT Solutions Inc. the Contractor Representation Agreement me for position number (37501 IT Security Specialist V)> at the Bank at a pay rate of $.”
 
 
Please note - This is a 7.5 hour work day.   
*All successful candidates will be subject to a mandatory credit AND criminal check as per the client.
 
If you require any type of accommodations (for example, accessible interview site, alternate formats of materials, Assistive Technology, ASL Interpreter, etc.) during the recruitment and selection process, please let one of our Recruiters know.
 
*Please note that all contractors are subject to a possible Holiday Leave program schedule, set by the client.
 
Qualifying Questions:
• Legal First Name:
• Legal Middle Name (if applicable):
• Legal Last Name:
• Availability to Start
• Upcoming Vacations/Time Off (Yes/No, When)
• Banking/FI Experience (Yes/No, Where)
• Pay rate
• Incorporated (YES/NO)
• Month/Day of Birth**
• Last 3 digits of SIN**
• Will pass a mandatory criminal and credit check as per the client (YES/NO)
• Notice to interview
• Actively interviewing/Offers (Yes/No)
• Please address any employment gaps in the resume
• Reason for looking for new opportunities

** This information is needed to create a unique Security ID for you in the client's internal system.

SUMMARY OF DAY TO DAY RESPONSIBILITIES: Building Security Use Cases

Responsibilities:
• Develop and implement SIEM use cases using Splunk Enterprise Security
• Thoroughly document implementations, via technical documentation and playbooks for the client
• Provide input and feedback for existing SIEM use cases, analyze and propose detection improvements
• Possess a firm understanding of the capabilities within Splunk and Splunk Enterprise Security
• Design and drive technical plans toward security analytics management objectives such as: integration of events from cloud/on-prem platforms into the enterprise SIEM; implementation of use cases/policies; development of net-new security use cases to support Security Logging & Monitoring/UEBA; and accounting for the effect of the evolving threat space on the overall set of existing security use cases
• Categorize SIEM use cases using the MITRE ATT&CK framework, participate in purple team testing and ensure successful implementation
• Possess a solid understanding of, and experience with, systems automation platforms and technologies
• Customer-facing role: walk-through and whiteboarding of the SIEM use case development process and implementation planning for stakeholders

Qualifications:
• 3-5 years' work experience in information security, cyber security, data protection or a related field
• Security Analytics and UBA (Splunk): 3+ years of experience in performing security event management, security information event management and/ or security analytics configuration and management, security use case development and tuning, operational management and administration.
• Working experience with security event management and security analytics operational governance and fundamental operational processes (intake of new log sources, on-boarding, use cases management, etc.)
• Proven experience with the successful development and deployment of use cases correlating information from various heterogeneous security feeds/platforms (e.g.: threat intel feeds, IOC, EDR, APT intelligence, etc.)
• Experience with securing virtual, physical and cloud environments
• Proven expertise with Splunk Enterprise Security and Splunk User Behavior Analytics
• Working Experience with one or more of the following technologies:
o Preferred: Splunk, MS Azure Security Center (ASC), Microsoft Cloud Application Security (MCAS), Amazon Web Services (security services, e.g.: CloudTrail, CloudWatch)
o Optional: ArcSight, RSA, Securonix, QRadar or equivalent tools
• Experience with assessment, development, implementation, optimization, and documentation of a comprehensive and broad set of security technologies and processes.
• Experience and exposure to threat modeling and design reviews to assess security implications and requirements for introduction of new technologies.
• Knowledge of IT service management processes and concepts, including change management, incident management, problem management, and configuration management
• Knowledge of cybersecurity concepts, including threats, vulnerabilities, security operations, encryption, boundary defense, auditing, authentication, and risk management
• Strong interpersonal and communication skills; ability to work in a team environment
• Ability to work independently with minimal direction; self-starter/self-motivated
• An understanding of regulatory and controls requirements: PCI, FFIEC, SOX, HIPAA, ISO 2700x, NIST standards

Certifications:
• Professional Splunk Certification (Splunk Architect, Splunk Enterprise Security Admin)
• Professional IT security certification such as CISSP, SANS Certified Intrusion Analyst (GCIA), CEH, GSEC and/or CISM.

MUST HAVE:

1.) Able to create Splunk Security Use cases 3+ years
2.) SIEM – 5 years
3.) Cyber security

NICE TO HAVE

1.) CISSP
2.) Azure
3.) Splunk Enterprise Security Admin
4.) Previous FI experience

Qualification / Rating

Must Have
Short-listing Questions
Skills
• Able to create Splunk Security Use cases:  years
• Information Security:  years
• SIEM:  years

Nice to Have
Short-listing Questions
• Previous financial institution or banking experience: Yes
• Splunk Architect Certification: Yes
• Splunk Enterprise Security Admin: Yes
Skills
• CISSP, CISA, CRISC certifications: Yes
• MS AZURE:  years
 

Recommended skills

Incident Management
Application Security
Certified In Risk And Information Systems Control
Certified Information Systems Security Professional
Information Security
Certified Information Security Manager

Job ID: 20-01302
