Information Security Analyst

Job Title: Information Security Analyst

Duration: 6 months Contract

Work Location: Toronto, Ontario

Work Type: Hybrid (In office 4 days a week)

Pay Range: C$68 - C$78/Hr

Job Responsibilities:

1. Define, develop, and/or implement detection strategies, analyze security data, and create monitoring use cases to ensure timely responses to potential threats.
2. The primary goal is to enhance the organization's ability to detect and respond to security breaches.
3. Develop advanced detection logics and algorithms that can efficiently spot and alert of any suspicious activity or potential threats.
4. Perform detection gap assessments to ensure coverage across identity, network, endpoint, cloud, and application layers.
5. This role aligns with CSOC, CSIRT, threat hunting, threat intelligence, red team, risk management, and so forth, to build a threat-informed defense system.
6. May participate in incident support and/or projects to provide reporting, data analysis, and assessments.
7. Develop security monitoring rules/use cases on SIEM platforms (Splunk, Azure Sentinel, Logscale).
8. Identify cyber threats, anomalies, and risks from security-relevant data (e.g., login/logoff events, persistent to outbound data transfers, firewall allows/denies, etc.).
9. Find suspicious or malicious activity by analyzing alerts; investigating indicators of compromise (IOCs like file hashes, IP addresses, domains, etc.).
10. Research and develop new threat detection use cases based on threat research findings, threat intelligence, analyst feedback, and available log data.
11. Perform activities within the content life cycle, including creating new use cases, testing content, tuning, and removing content, and maintaining associated documentation.
12. Work with other security functions and product SMEs to identify gaps within the existing analytical capabilities.
13. Participate in root cause analysis on security incidents and provide recommendations for remediation.
14. Act as the liaison to business units to fulfill audit, regulatory compliance as well as corporate security policy requirements.
15. Create and maintain documentation for detection processes.
16. Continuously improve detection capabilities based on emerging threats.

Must Have:

1. Experience in SIEM content development (Splunk, Azure Sentinel, Logscale, or similar SIEM platform).
2. Understanding of various log formats and source data for SIEM Analysis.
3. Minimum 5 years of information security experience, preferably in engineering or development.
4. Ability to effectively communicate with anyone, from end users to senior leadership - facilitating technical and non-technical communication.
5. Strong incident handling/incident response/security analytics skills.
6. Deep understanding of technical concepts, including networking and various cyberattacks.
7. Solid background with Windows and Linux platforms (security or system administration).

About The Company:

• Top 10 bank in Canada and North America offering comprehensive financial solutions. Providing retail, commercial, wealth management, and wholesale banking services, we help clients thrive in today's evolving market.

About GTT:

• GTT is a minority-owned staffing firm and a subsidiary of Chenega Corporation, a Native American owned company in Alaska. As a Native American-owned, economically disadvantaged corporation, we highly value diverse and inclusive workplaces. Our clients are Fortune 500 banking, insurance, financial services, and technology companies, along with some of the nation's largest life sciences, biotech, utility, and retail companies across the US and Canada. We look forward to helping you land your next great career opportunity!