Job Description - Senior Cyber Threat Analyst (2401353)

Job Description

Senior Cyber Threat Analyst - 2401353

Description

At Raymond James, we develop, we collaborate, we decide, we deliver, and we improve together .

Raymond James Ltd. is Canada's leading independent investment dealers offering high quality investment products and services to Canadians seeking customized solutions to their wealth management needs.

Senior Cyber Threat Analyst

(Evening Shift 2-10PM PST)

How does the role impact the organization?

The financial services industry is constantly under attack by sophisticated cyber adversaries that range from nation states to criminals. In response, the Raymond James Cyber Threat Center (CTC) is charged with ensuring all equities are secure against all tiers of adversaries. We are the central hub for Computer Network Operations and are on the front lines of security incident response, threat hunting, and intelligence. You'll be working with emerging technologies to solve challenging security problems in a fast-paced and continuously evolving environment, while helping steer the direction and evolution of the team. This highly visible team within the organization evaluates threats to the environment and dynamically adjusts to the ever-changing threat landscape by applying practical security knowledge to developing new detective measures to protect the firm.

What will your role be responsible for?

• Serves as a primary member of the Cyber Threat Center (CTC) who handles security events and incidents daily in a fast-paced environment.
• Acts as an Incident Handler who can handle minor and major security incidents within the defined Computer Security Incident Response process.
• Ensures continuity of mission between Incident Response shifts.
• Role embodies Cyber Network Defense, and a successful Cyber Threat Analyst will be able to quickly analyze threats, understand risk, deploy effective countermeasures, make business critical incident response decisions, and work as part of a team of individuals dedicated to protecting the firm.
• Maintains situational awareness for cyber threats across the global firm and act where necessary.
• Daily responsibilities include, but are not limited to:
• Malware and exploit analysis.
• Intrusion monitoring and response.
• Assessing alerts and notifications of event activity from intrusion detection systems and responding accordingly to the threat.
• Continuing content development of threat detection and prevention systems.
• Data analysis and threat research.
• Creation of IR playbooks, and leading IR automation initiatives.
• Coaching and mentorship of IR team peers.
• Maintains knowledge of security principles and best practices. Must remain current with emerging threats and trends.
• Assists teams in various security and privacy risk mitigation efforts, including incident response.
• Leads information security related projects or in managing strategy.
• Conduct forensic investigations for HR, Legal, or incident response related activities.
• Develop new forensic detective and investigative capabilities using current technical solutions.
• Work with various business units and technical disciplines in a security consultant, incident response subject matter expert role for cyber threats.
• Shares in a weekly on-call rotation and acts as an escalation point for managed security services and associates of Raymond James.

Qualifications

What do we expect from you?

• B.S. in Computer Science, Computer Engineering, MIS, or related degree;
• A minimum of 5 years in Information Technology, including with at least 3 years of related experience in Information Security, 2 years in conducting Cyber Network Defense, and 3 years of experience with incident response methodologies, malware analysis, penetration testing, scripting and/or forensics; or
• An equivalent combination of education, training, and experience.
• Intrusion response and incident management lifecycle and processes.
• Windows, Linux, memory forensics.
• Log analysis (endpoint, network, email, cloud).
• Knowledge of vulnerabilities and a comfort in manipulating exploit code for analysis.
• Systems administration in Linux, Unix, Windows or OSX operating systems.
• Forensic and analytical techniques.
• Networking and the common network protocols.
• Demonstrated ability to perform static and dynamic malware analysis.
• Demonstrated ability to analyze large data sets and identify anomalies.
• Demonstrated ability to quickly create and deploy countermeasures under pressure.
• Familiarity with common infrastructure systems that can be used as enforcement points.
• Basic securities industry information including concepts fundamental to working in the financial/securities industry.

Skills in

• Analysis: Identify and understand issues, problems and opportunities; compare data from different sources to draw conclusions;
• Communication: Clearly convey information and ideas through a variety of media to individuals or groups in a manner that engages the audience and helps them understand and retain the message;
• Exercising Judgment and Decision Making: Use effective approaches for choosing a course of action or developing appropriate solutions; recommend or take action that are consistent with available facts, constraints, and probable consequences;
• Building Effective Relationships: Develop and use collaborative relationships to facilitate the accomplishment of work goals;
• Client Focus: Make internal and external clients, and their needs, a primary focus of actions; develop and sustain productive client relationships.

Ability to

• Perform static and dynamic malware analysis;
• Analyze large data sets and identify anomalies;
• Quickly create and deploy countermeasures under pressure; and
• Create complex scripts, develop tools, or automate processes in PowerShell, Python or Bash; and
• Communicate proficiently in French is an asset.

Licenses/Certifications

• One or more of the following certifications or the ability to obtain within 1 year:
• CISSP: Certified Information Systems Security Professional
• SANS: GCIA – Intrusion Analyst
• SANS: GCFE – Forensic Examiner
• SANS: GNFA – Network Forensic Analyst

We encourage our associates at all levels to:

• Grow professionally and inspire others to do the same
• Work with and through others to achieve desired outcomes
• Make prompt, pragmatic choices and act with the client in mind
• Take ownership and hold themselves and others accountable for delivering results that matter
• Contribute to the continuous evolution of the firm

At Raymond James – we honor, value, respect the uniqueness, experiences, and backgrounds of all of our Associates. When associates bring their best authentic self, our organization, clients and communities thrive, it is part of our people-first culture. The Company is an equal opportunity employer and makes all employment decisions on the basis of merit and business needs.

Here at Raymond James we demonstrate our commitment to ensuring equal opportunities for all candidates. To request accommodations, candidates are instructed to contact Human Resources via email at [email protected]. By reaching out to this email address, candidates can communicate their specific requirements and discuss the necessary accommodations they may need to participate fully in the recruitment process.

Salary Range: BC (based on Education, Work Experience, etc) $140,000-170,000 in addition to competitive performance bonuses/incentives.

Raymond James Ltd. is a member of the Investment IndustryRegulatory Organization of Canada (IIROC) and of the Canadian Investor ProtectionFund (CIPF). Customers' accounts are protected by the Canadian Investor ProtectionFund within specified limits. A brochure describing the nature and limits ofcoverage is available upon request or at . 3Macs, MacDougall,MacDougall & MacTier and Raymond James Correspondent Services are divisions ofRaymond James Ltd. Raymond James Ltd. is an integrated financial services firm. Itssubsidiaries, Raymond James Investment Counsel Ltd., Raymond James FinancialPlanning Ltd., Raymond James Trust (Canada) and Raymond James Trust (Québec) Ltd.are not members of the IIROC or the CIPF. Please consult each subsidiary's webpagesfor applicable corporate, regulatory or membership information.

#J-18808-Ljbffr