Security Ops Analyst
North Vancouver, British Columbia, Canada
We welcome applications from all qualified job seekers. Should you require any accommodations, including alternative interview formats, assistance with online assessments, or an ASL interpreter, throughout the application or hiring process, please email your request to accessibility_services@icbc.com – we are committed to ensuring an accessible experience for all candidates.
At ICBC, we strive to build diverse teams which reflect the communities we serve. To support this, we’ve created two talent communities for Indigenous Peoples and People with Disabilities. By joining one of these communities, you’ll connect with our recruitment team who will guide you through the application process and help you explore opportunities at ICBC. Of course, you’re welcome to apply for jobs at ICBC whether or not you join a talent community.
We look forward to hearing from you!
ICBC is committed to delivering consistently high-quality customer service to all British Columbians. If you are reliable and dependable, love to think outside of the box and have a growth mindset, we welcome you to apply for this exciting opportunity.
Reporting to the Manager of IT Security, the Security Operations Analyst (SOA), as part of a team, will support ICBC’s cybersecurity functions (detection, monitoring and response) and become a technical and cybersecurity leader.
You will work closely with ICBC’s Information Risk Management, Platform teams, Application teams and a Managed Security Operations Center. The SOA is responsible for delivery and continuous improvement of IT cybersecurity functions using ITIL principles and alignment to ISO 27000 controls.
Your responsibilities will include:
- Identifying, triaging and investigating cybersecurity events and incidents end-to-end, including response, escalation, and resolution with end users.
- Working independently and collaboratively with IT teams to proactively recognize any potential intrusion attempt and compromises through correlation analysis of relevant IOCs, event details and threat intelligence sources.
- Providing mitigation and remediation support in response to identified cyber threats.
- Actively contributing to the development of Security Operations Center (SOC) architecture, standards, methodologies, techniques, processes, and technical playbooks.
- Effectively using and improving SOC technologies (network data, endpoint and application) and SOC automation.
- Actively enhancing detection rules and technical capabilities of the SOC toolkit to optimize and tune alerts, minimize false positives, correlation, and parsing issues.
- Providing oversight to the compliance of ICBC systems with respect to vulnerabilities and patching.
- Continuously contributing to and improving IT cybersecurity metrics and reports.
- Acting as the first point of contact with external and internal stakeholders (business, IT teams, security service providers) to gain their trust and credibility.
The successful candidate will have two (2) years’ experience in a large, complex IT environment, with a preference of at least one (1) year in cybersecurity (in a Security Operations Center).
A demonstrated continuous education and/or completion of relevant cybersecurity certifications is desirable but not required.
The candidate will bring demonstrated solid knowledge, strong skills, and practical experience of:
- Various incident response stages, controls, processes, procedures, and playbooks.
- MITRE ATT&CK and Cyber kill-chain frameworks and applying their techniques, tactics and procedures in a dynamic IT environment.
- SIEM, SOAR, UEBA and EDR technologies, vulnerability management tools and network monitoring applications.
- Analyzing, interpreting technical logs and data to identify event or incident root cause(s).
- File and host investigation techniques.
- Cybersecurity and privacy principles and risks preferably in relation to NIST framework and CIS controls.
- Communicating effectively, explaining, and documenting technical details clearly and concisely.
- Troubleshooting and applying analytical thinking skills.
- Staying on top of the latest cybersecurity research and cyberattacks.
- Scripting or programming languages such as Python, PowerShell, Bash, SQL etc. would be desirable.
- Basic network protocols, network layers and potential attacks occurring at different levels of the network stack would be an advantage.
About us:
At ICBC, it’s our job to make sure the car insurance system works for all British Columbians, today and in the future. If you want to make the most of your skills and expertise while growing your career, we want you. A career at ICBC is an opportunity to be part of a talented, diverse and inclusive team that is driven to serve its customers and community. You can expect a competitive salary, comprehensive benefits and a collaborative work environment. If you are reliable and dependable, contact us today to be part of our talented and diverse team as we work together to create an insurance system we can all be proud of.
Work arrangements defined:
- Hybrid 8 – you will work a minimum of 8 days in a 4-week period at your primary office headquarters (typically 2 days per week). The remaining days will be remote within British Columbia.