Security Operations Centre (SOC) Analyst

Cybera
about 20 hours ago
Hybrid
Entry Level
Full-Time

Top Benefits

Health Benefits
Vision Benefits
Long Term Disability

About the role

Are you passionate about cybersecurity? Are you tired of hearing about constant cyber attacks on Canadian education institutions, and eager to make a difference? If so, we have an exciting opportunity for you!

Cybera is a not-for-profit agency whose mission is to improve the lives of Albertans through the use and advancement of digital technologies. We serve the province’s education, enterprise, research and government sectors. We have established a regional Security Operations Centre (rSOC) to monitor, detect, and respond to cybersecurity threats targeting Alberta’s post-secondary institutions.

As a SOC Analyst, you will have a hands-on opportunity to apply your security knowledge and experience across various cybersecurity domains and stages of incident response. A key factor for success in this role will be your ability to effectively identify and investigate incidents, manage escalations, and work with our members throughout the incident lifecycle until resolution.

In this role, you will be encouraged to challenge the status quo, think creatively, and adopt a growth mindset to develop new and innovative solutions to complex challenges. Continuous learning and exposure to leading security technologies will support you as we work towards building advanced defences for cyber threats, with the support of our rSOC team.

What You’ll Do:

Conduct proactive monitoring, investigation, and escalation of security incidents.
Recognize any potential, successful, and unsuccessful intrusion attempts and compromises through correlation analysis of relevant event details and summary information.
Investigate malicious URLs, domains and IPs using open source and sector intelligence.
Provide mitigation guidance and support in response to identified threats, drawing upon common industry practices and vendor recommendations.
Continuously build and evolve high confidence and high fidelity detection rules for anomalous or suspicious events, in collaboration with other rSOC team members.
Actively contribute to the continuing development of the rSOC practices, processes, procedures, standards and methodologies, and actively contribute to the knowledge base.
Utilize playbooks, guidelines and various techniques for investigating incidents using rSOC technologies.
Report log coverage gaps, parsing issues and high-volume detection of false positives, with other rSOC team members.
Participate in ongoing monthly meetings with members to present service performance metrics, discuss notable events, and other operational matters.
Act as the first point of contact for security incidents and service requests into the rSOC, in line with set SLAs.
Apply cybersecurity and privacy principles to organizational requirements.

What You Bring:

Education and Experience

Minimum one year in a SOC environment.
Experience documenting cybersecurity processes and procedures, and utilizing playbooks to investigate and respond to incidents.
(ISC)2, CompTIA, GIAC, or other relevant cybersecurity certifications are desirable.

Skills

Understanding of cybersecurity threats and risks to the academic sector.
Ability to identify, analyze, document, and report relevant threats and incidents.
Experience in identifying and investigating security incidents.
Practical understanding of cybersecurity concepts, such as incident response practices, vulnerability management, and IT Service Management concepts.
Demonstrated ability to gain trust and credibility from internal and external stakeholders.

Technical Proficiencies

Experience with SIEM and UEBA technologies.
Experience with SOAR technologies and utilizing playbooks.
Experience with EDR technologies such as Microsoft Defender ATP, CrowdStrike, or SentinelOne.
A thorough understanding of the MITRE ATT&CK framework and Cyber Kill Chain.
Experience with investigating brute-force attacks, phishing email, malware, and network log analysis.
Ability to document and explain technical details clearly and concisely to both technical and non-technical audiences.
Practical networking experience with an understanding of TCP/IP and other network protocols.
Experience with using threat intelligence feeds; excellent troubleshooting and analytical thinking skills.
Strong documentation and communication skills.

These requirements represent an ideal candidate. The potential of the individual’s background and experience to meet the responsibilities and expectations of the role is considered in all instances. This is your opportunity to be a part of a newly formed rSOC that will change the security landscape for post-secondary institutions!

Schedule and Conditions of Employment: Our team currently ensures coverage between the hours of 6:00am-4:00pm, Sunday through Saturday, with workdays that shift throughout the week on a rotating schedule throughout the year. As the rSOC continues to evolve, rSOC schedules will vary so as to best serve our members, ensure coverage, and support organizational needs.

Selected candidates will be required to provide a satisfactory employment and criminal record check as a condition of employment.

Compensation and Location: This position is based in our Calgary office. Salary will be commensurate with experience. No relocation costs will be awarded.

Benefits of working at Cybera: This is your opportunity to work for a flexible, tech-forward not-for-profit that is helping Canada become a more equitable place to work, learn, and play!

We offer:

A hybrid working environment.
Highly supportive and inclusive work culture.
35-hour work weeks.

Benefits:

Health & Vision benefits from day 1.
Long & Short term disability benefits from day 1.
Flexible Health Spending Account (after successful probation).
Annual professional development funds.
Regular Lunch & Learns covering department updates to EDI topics.
RRSP program (after successful probation).
Healthy snacks in the office – and sometimes unhealthy snacks.
10 days per year to use for sick time or mental health breaks.
The opportunity to invest in yourself and your career.

How to Apply: This posting will remain open until a suitable candidate is found. Your application should include a resume and a short response (in your own words) to two application questions listed below. Your answers should demonstrate how your skillset matches the position requirements (of course, we don't expect you to have them all!). While we appreciate all applications, only candidates selected for an interview will be contacted. No phone calls or recruiter assistance at this time, please.

All qualified applicants will receive consideration for employment without regard to race, religious beliefs, colour, gender, disability, age, ancestry, place of origin, marital status, source of income or family status of that person or of any other person.

Number of hires for this role: 1

About Cybera

IT Services and IT Consulting
