Job Title: Information Security Analyst
Duration: 3 months Contract
Work Type: Hybrid (any 2 days – preferably Tues and Wed)
Pay Range: $35 - $45/Hr
Summary Of Day-To-Day Responsibilities:

• We are looking for someone to guide a group of Cybersecurity Incident and Forensic first responders. You will provide specialized expertise on Cybersecurity Events, Incidents, and Digital Forensics.
• You will support the learning and growth of our team members as a guide in Threat Defense Operations with a focus on mitigating risks to protect our client
• You may also participate in projects of moderate to high complexity and provide complex reporting, analysis, and assessments at the functional, business line or enterprise level.
• Moderate to advanced hands-on experience on all modern operating systems, role-based access, internal file structures, registries, and data storage.
• Moderate to advanced experience as an Incident Manager working on complex information security and cybercrime-related incidents, requiring coordination with internal and external enterprise teams, as well as third parties, vendors, partners, etc.
• Moderate experience working with cybersecurity events and incidents related to network layer 7/application and internet-facing attacks
• Moderate to advanced experience briefing executives related to cybercrime and information security incident triage, incident containment, and incident recovery
• Moderate to advanced experience authoring complex communications related to cybercrime and information security incident triage, incident containment, and incident recovery
• Moderate to advanced experience authoring and maintaining playbooks and other process/governance documentation

Here are the essential job functions of this position:

• The candidate should be continuing to advance their knowledge, skills, and abilities in all cybersecurity domains (Incident Response, Forensics, Offensive cybersecurity, Cybersecurity intelligence, and cybersecurity risk management)
• Able to complete hands-on keys L1 and L2 responsibilities when necessary.
• Possesses the ability to mentor and guide junior analysts through completing L1 and L2 investigations.
• Has a solid foundation, knowledge, skills and technical ability to investigate any cybersecurity events, tuning requirements for cybersecurity control plane, and debug alerts to evaluate legitimacy and accuracy.
• Oversee shift operations and ensure 24x7x365 operational coverage is met. Ensure conflicts with meetings, breaks, and other engagements are managed to always ensure proper coverage.
• Distribute workload among the shift members to ensure quality and accuracy of investigations, priority, and adherence to SLO/SLAs
• Ensure the SLA for event investigations are not breached and escalate to CSOC Senior Leaders any alerts or investigations that are subject to SLA breach as per procedure.
• Possesses the ability to perform hands-on peer reviews on closed L1 alerts and closed L2 investigations
• Consult with L3 and Fusion Incident Management to provide shift resources for open or ongoing investigations for L3 events and open incidents.
• Manage the regional shift handovers and ensure the starting shift/region has everything needed to pick up any open cases and drive to closure
• Lead the shift transfer process, Accountable for all tasks, but encouraged to use the entire Work as a liaison between their shift, other shifts, CSOC Senior Leaders, CSOC Senior Managers, and other teams, communicating concerns and relaying pertinent information
• The candidate is responsible for delivering communications for process/workflow changes or updates, and monitoring the effective execution of the process/workflow
• Assist with scheduling, ensuring coverage, and reporting to management 24/7 on team members' absence (sick, emergency, etc.)
• Utilization of the QA Daily, Incident,s and L1/L2 dashboards to manage event handling
• Attendance to the Fusion situational calls

Must Have:

• 3+ years of practical or relevant experience and knowledge of IT security and Incident Management practices across multiple domains.
• Candidate should possess moderate to strong hands-on experience in all modern Operating Systems (Windows/NIX/Cloud/Mobile)
• Candidate should possess strong hands-on experience with traditional incident response detection tools such as SIEM, EDR, XDR, Firewall, WAF, email proxies, NIDS, and equivalent
• Strong knowledge of organization, technology controls, cybersecurity, and risk assessment issues
• Exp working with Azure, Defender, Sentinel

Soft Skill Must-Haves:

• Strong leadership and people-building skills within IT and Cybersecurity
• Demonstrated ability to participate in complex, comprehensive or large projects and initiatives
• Ability to serve as a lead expert resource in technology controls and information security for project teams, the business, organization, and outside vendors

Nice to Have

• Information Security Certification / Accreditation are an asset.

DISQUALIFIERS – is there any information/experience on a candidate's resume that would disqualify them from consideration for this position?

• Gaps in resume
• If practical experience can't be described in the interview

About The Company:

• Top 10 bank in Canada and North America offering comprehensive financial solutions. Providing retail, commercial, wealth management, and wholesale banking services, we help clients thrive in today's evolving market.

About GTT

• GTT is a minority-owned staffing firm and a subsidiary of Chenega Corporation, a Native American owned company in Alaska. As a Native American-owned, economically disadvantaged corporation, we highly value diverse and inclusive workplaces. Our clients are Fortune 500 banking, insurance, financial services, and technology companies, along with some of the nation's largest life sciences, biotech, utility, and retail companies across the US and Canada. We look forward to helping you land your next great career opportunity!

25-21412 #gttca #LI-GTT #LI-Hybrid