- Coordinate log ingestion and log gathering projects and operational activities in the context of high-performance security operations or threat-hunting teams.
- Supervise the implementation and development of new technologies and new services, the analysis of operational impacts and network management processes, and training and management platform plans.
- Define and document incident handling processes, including preparation, identification, containment, eradication, and recovery, to protect enterprise environments.
- Develop complex documentation to allow trend analysis, design solutions and operating guides or various deliverables
- Observe strict security protocols associated with all security management practices
- Participate in the deployment of the security software update mechanism and security package across multiple business units.
- Support business units during deployments of the security software update mechanism or security package
- Establish policies and guidelines for software deployments in varied environments
- Work in collaboration with different business units within Bell
- Participate in meetings and conference calls
- Contribute to project meetings and report on issue status
Required education and experience:
- University or college degree in Computer Science/Engineering or 5 to 10 years of equivalent experience in the cyber security domain.
- Preferred: two (2) intermediate professional security certifications, such as CCNP Security, CISSP, CCSE, GIAC certification, SIEM certification
- Working experience with Agile, Continuous Improvement and Lean.
- Proven experience in design, implementation and troubleshooting solutions related to the security domain.
- Very good understanding of network security platforms, OS security features, and application protection systems (web).
- Very good understanding of Security Information and Event Management (SIEM) concepts.
- Experience or knowledge of blue teaming, malware analysis, and/or social engineering is an asset
- Experience in the analysis of security events and cyber threats from the SIEM platform (especially ArcSight, ELK, FortiSIEM)
- Very good knowledge of Windows OS and Linux systems
- Knowledge of a scripting language (mainly Python) is an asset