Intermediate Security Orchestration, Automation and Response Specialist to research, deploy, and maintain SOAR cyber security initiatives for a Financial Services Client - R-3039

Job Type: Permanent
Positions to fill: 1
Start Date: Jan 16, 2023
Job End Date: Jan 16, 2023
Pay Rate: Salary: Negotiable
Job ID: 125522
Location: Toronto
Duration: Permanent
Location: Toronto (Downtown) Hybrid (2 days/wk)
Job ID: R-3039

Our Financial Services Client is in need of an Intermediate Security Orchestration, Automation and Response Specialist to research, deploy, and maintain SOAR cyber security initiatives.

Must Have:
  • 3+ years experience as a SOAR Specialist to research, deploy, and maintain initiatives
    • Engineering and operational experience 
  • 5+ years experience as a Systems administrator 
    • General Networking skills required (Layer 2 & 3 switches, OSI Model, TCP/IP, SNMP, etc.)
    • Internet architectures, including web, application, and database components such as: Apache, IIS, memcache, MySQL, SQL Server
  • 2+ years of cyber security tool experience
    • Splunk, Tripwire, CrowdStrike, QRadar, McAfee, F5, Nexpose, Fortinet, Ansible, or similar technologies
Nice to Haves:
  • CCSP, CCSK, CISSP, CISM, ISO 27001/27002 certifications
  • Amazon Web Services (AWS) platform capabilities and best practices architectures, Google Compute Platform (GCP) experience 
  • SOC experience, or experience responding to cybersecurity investigations, is an asset
  • Previous financial services experience 
  • Experience utilizing or implementing the MITRE ATT&CK framework
Key Responsibilities
● Lead the SOAR technical, project management, implementation, and operations
● Research and understand the organization's threat landscape to assist in SOAR rollout
● Build a list of success criteria for a SOAR project
● Conduct proof of concept exercises across various SOAR technologies
● Develop use-cases and integrations across various SOC tools
● Complete and present project deliverables on time to management
● Ability to communicate effectively to both technical and non-technical audiences
● Ability to create appropriate documentation for a SOAR deployment in an enterprise environment
● Ability to work effectively under pressure (security incident or production issues)
● Manage and support SOAR technology across various business units 
● Support the ongoing Security control processes within the enterprise which includes security technologies, networks, information systems, and endpoints both on-premise and in the cloud
● Assist in the design and implementation of resilient Information Security architecture and technologies for efficient threat protection, monitoring, and Incident Response
● Advise the organization about Information Security threats, technologies, and related regulatory requirements
● Develop and implement Information Security metrics, measurement criteria, and reporting to ensure compliance and continuous improvement for a SOAR platform.