
Security Analyst - Tier 2

Job Type: Permanent
Location: 9131 Keele Street, Concord, ON, L4K 0G7 
Reporting to: SOC Team Lead
Start Date: ASAP

Uzado offers a simplified risk management approach to cybersecurity strategies, where we help our clients prioritize their action plan through various risk dimensions and road mapping. We provide highly detailed insights to help our clients make better business decisions.

Uzado is looking for a self-motivated Tier 2 Security Analyst who will perform information security analysis for our clients, using various technologies and software. Candidates should have experience working with TCP/IP networking, network attacks, attack signatures, defense counter-measures, vulnerability management, and log analysis.

Responsibilities:

  • Monitor and analyze traffic and events/alerts and advise on remediation actions
  • Review and assess impact and remediation actions for incidents escalated by Tier 1
  • Investigate intrusion attempts and perform in-depth analysis of exploits by correlating various sources and determining which system or data set is affected
  • Follow standard operating procedures for detecting, classifying, and reporting incidents
  • Demonstrate network expertise to support timely and effective decision making of when to declare an incident
  • Conduct proactive threat research
  • Analyze a variety of network and host-based security appliance logs (firewalls, NIDS, HIDS, syslogs, etc.) to determine the correct remediation actions and escalation paths for each incident
  • Independently follow ITIL procedures to identify, contain, analyze, document and eradicate malicious activity
  • Document all activities during an incident and provide leadership with status updates during the life cycle of the incident
  • Escalate information regarding intrusion events, security incidents, and other threat indications and warning information to the client
  • Track trends and configure systems as required to reduce false positives and distinguish them from true events
  • Assist with the development of processes and procedures to improve incident response times, incident analysis, and overall SOC functions
  • Provide written analysis for monthly reports on an as-needed basis
  • Manage bi-weekly client support calls
  • Modify use cases and manage tuning for multiple clients
  • Provide a daily shift change report

Organically, if the above is managed and achieved, you will:

  • Challenge customers to make improvements and expand their Security Footprint
  • Drive customer retention

Skills, Experience & Qualifications:

  • Customer-oriented, flexible and demonstrated tendency to go above and beyond
  • Ability to communicate efficiently with clients and internal team members at all levels and across functional and organizational boundaries
  • Organizational skills and time management/prioritization
  • Comfortable working against deadlines in a fast-paced environment
  • Minimum of 5 years of job-related experience
  • SIEM experience (e.g. AlienVault/QRadar/LogRhythm/McAfee)
  • Knowledge of patch and asset management systems (Ninja, BigFix, SolarWinds)
  • One or more of the following certifications: CISSP, GCIA, Security+, CEH
  • TCP/IP Networking
  • Familiarity with common IDS/IPS and firewalls (Snort, Cisco, FortiGate, Sourcefire)
  • Experience with Malware Analysis and Reverse Engineering
  • Prior SOC experience (can include internships)
  • Experience with packet analysis and packet capture tools
  • Incident handling/response experience

We're excited to hear what you would bring to this role and look forward to reading your application!

Send your applications to: careers@uzado.com