Discover Technata Job board

Find your next tech job in Kanata North, Canada’s largest technology park. Then explore endless international opportunities and dream about where your career will take you. With the Country’s largest density of technology companies ranging from promising startups to leading global giants, Kanata North is the place to be if you are serious about a career in tech.

Sr. Cyber Security Defense Analyst (GCS)

RBC Capital

RBC Capital

IT
Vancouver, BC, Canada
Posted on Monday, June 10, 2024

Job Summary

Job Description

What is the Opportunity?

RBC Defensive Threat Operations (DTO) team is seeking an experienced ‪Sr. Cyber Security Defense Analyst with demonstrated competence and thought leadership capability to contribute toward the success of our Cyber Resiliency initiatives. Under the direction of the Director of Correlation Engineering, the Senior ‪Cyber Security Defense Analyst is responsible for maintaining the RBC Security Information Event Management (SIEM) platform.

What will you do?

The Cyber Security Defense Analyst is a hands-on technologist who is an expert in the use of the technologies that comprise the RBC SIEM platform, and creates and tunes the SIEM rules to adjust the specifications of alerts and security incidents. The scope of this position is RBC Enterprise-wide and requires a very good understanding of the security controls RBC uses and how they provide value to the business.

The incumbent will work closely with other members of the Global Cyber Security teams in ensuring that the security posture of RBC is maintained and take a proactive approach in continually assessing the effectiveness and efficiency of the SIEM platform.

Essential Functions:

  • Serve as a Subject Matter Expert (SME) for the SIEM platform

  • Develops and implements effective correlation rules

  • Tunes SIEM components to ensure maximum reliability and reduce false positives

  • Review security context alerts and log sources

Essential Capabilities:

  • Ability to relate to non-technical users in user-friendly language

  • Ability to understand or learn the technical implications of security threats

  • Ability to manage multiple concurrent objectives or activities, and effectively make judgments in prioritizing and time allocation in a high-pressure environment

What do you need to succeed?

Must-have:

  • Bachelor of Science in a technology-related discipline or 3 years of relevant experience

  • 3-5 years of experience in a role dedicated to the configuration, maintenance and administration of SIEM Platform (Splunk, Sumo Logic, Azure Sentinel, QRadar)

  • Significant experience with and working knowledge of Syslog

  • Practical experience with Python

  • Significant experience with and expertise in creating event correlation logic and rules

  • Significant experience and expertise in using SIEM for searching and correlating events

  • Possess excellent troubleshooting, problem-solving, and verbal/written communication skills

  • Ability to manage critical situations, and maintain solid relationships with colleagues

Nice-to-have:

  • Certified SIEM certification

  • Certified Information Systems Security Profession

What’s in it for you?

We thrive on the challenge to be our best, progressive thinking to keep growing, and working together to deliver trusted advice to help our clients thrive and communities prosper. We care about each other, reaching our potential, making a difference to our communities, and achieving success that is mutual.

  • A comprehensive Total Rewards Program including bonuses and flexible benefits, competitive compensation, commissions, and stock where applicable

  • Leaders who support your development through coaching and managing opportunities

  • Ability to make a difference and lasting impact

  • Work in a dynamic, collaborative, progressive, and high-performing team

  • A world-class training program in financial services

  • Flexible work/life balance options

#LI-Hybrid

#LI-POST

#TECHCPJ

Job Skills

Decision Making, Group Problem Solving, Identity Access Management (IAM), Information Security, Information Technology Security, IT Systems Integration, Negotiation, Security Controls, Security Information, Security Information and Event Management (SIEM), SIEM Tools, Software Development, Software Development Life Cycle (SDLC), Strategic Objectives

Additional Job Details

Address:

VANCOUVER MAIN BRANCH, 1025 GEORGIA ST W:VANCOUVER

City:

VANCOUVER

Country:

Canada

Work hours/week:

37.5

Employment Type:

Full time

Platform:

Technology and Operations

Job Type:

Regular

Pay Type:

Salaried

Posted Date:

2024-06-06

Application Deadline:

2024-06-20

Inclusion and Equal Opportunity Employment

At RBC, we embrace diversity and inclusion for innovation and growth. We are committed to building inclusive teams and an equitable workplace for our employees to bring their true selves to work. We are taking actions to tackle issues of inequity and systemic bias to support our diverse talent, clients and communities.
​​​​​​​
We also strive to provide an accessible candidate experience for our prospective employees with different abilities. Please let us know if you need any accommodations during the recruitment process.

Join our Talent Community

Stay in-the-know about great career opportunities at RBC. Sign up and get customized info on our latest jobs, career tips and Recruitment events that matter to you.

Expand your limits and create a new future together at RBC. Find out how we use our passion and drive to enhance the well-being of our clients and communities at jobs.rbc.com.