
Analyst, Managed Security Services - Incident Response


This job posting is no longer active.

Job ID 23001210
Team Engineering
Posted Date Apr 13, 2024
Travel  
Location Mississauga, ON
Eligible for Remote  
Contract Type Full-Time
Security Clearance  

Forsythe Technology is a CDW company. We share common values as a performance-driven, customer-focused culture. CDW is a leading multi-brand provider of information technology solutions to business, government, education and healthcare customers across the globe.

This role will support our Mississauga, Ontario area Security Operations Centre, and can be based in the Toronto area or remotely from elsewhere in Canada. For this role, we're seeking an individual with a strong background in SIEM tools (IBM QRadar, Splunk, Exabeam, Sumo Logic).
 
The Analyst, Managed Security Services - Incident Response, provides first-level technical client support and upholds defined service level agreements (SLAs) and customer service excellence. The Analyst focuses on developing their knowledge and technical expertise.
 
What You’ll Do:
24x7 Support (70%)

  • Monitors and responds to incident queue from SIEM/ticketing solution
  • Performs deep analysis of cybersecurity incidents in the SIEM & other security solutions deployed in the environment
  • Identifies efficiencies and improvements in workflow, thus reducing false-positives in client environments
  • Performs root cause analysis and collaborates with Consultants and other Analysts to solve repetitive system performance or configuration problems
  • Creates SOPs (Standard Operating Procedures) around security-related processes if needed
  • Assesses security controls and evaluates the security posture of organizational internal controls
  • Stays up to date with adversary tactics, techniques, and procedures (TTPs)
  • Identifies, records, and escalates service performance trends, anomalies, and SLA breaches to leads

Professional Development (30%)

  • Gains knowledge and hands-on capability of incident response tools
  • Attends training sessions or shadowing activities, and obtains industry related certifications as determined by the Manager

What You Need to Succeed:
Must-have:

  • Bachelor's degree (B.A./B.S.) or 3-year diploma in Engineering, Computer Science, or a Technology related field
  • Managed Security Services certifications may include, but are not limited to: QRadar; SANS GCIA, GCIH, Splunk, LogRhythm, Proofpoint, CrowdStrike, Sentinel One, RSA NetWitness, Threat Grid, or similar technology certifications

Other Position Requirements:

  • Positive influence on the floor
  • Keen interest in Cyber Security with foundational knowledge of network and endpoint security technologies including:
  • Packet Capture (PCAP) Analysis using Wireshark 
  • Experience of network investigation, event analysis, escalation and reporting procedures 
  • Knowledge of TCP/IP, OSI layer, and common protocols, and how applications work at the network level (DNS, SMTP, HTTP, FTP etc.) 
  • Knowledge of Windows based Server operating system including file system, registry function, permission and privileges settings
  • Windows system internals, basic knowledge of PowerShell 
  • Linux Kernel and basic scripting (Bash/Python) knowledge
  • Good understanding of company products and services and IT infrastructure systems
  • Ability to investigate less complex problems where analysis of data requires evaluation of identifiable factors from multiple IT infrastructure systems
  • Ability to establish positive working relationships and contribute to measurable team and/or organizational objectives in a consulting environment
  • Good ability to achieve high level of Customer Satisfaction on all engagements
  • Ability to work under minimal supervision, using latitude for independent judgment
  • Good verbal and written communication skills
  • Good Word, Excel, Visio, PowerPoint, and Outlook skills

Nice-to-have:

  • Previous work experience in a Managed Services Security Operations Center

Essential Functions:
The position is part of a 7-days-a-week, 24-hours-per-day managed services operation. To provide the required coverage, the Analyst must be willing to work rotational shifts and overtime, if needed.
 

Who we are:
CDW is a leading technology solutions provider to business, government, education and healthcare organizations in Canada, the United States, and the United Kingdom. Our fingerprints can be found on technology in workplaces of more than 250,000 companies; from fresh-faced startups to international conglomerates. With the breadth of products and services we offer, there is no request too big or too small.
 
What you can expect from us:
Culture, coworkers, careers. CDW is not only the People Who Get IT, but the People who get People. Our relationships are fueled by our deep expertise and grounded in the CDW Way. Our empowering leadership makes things happen and inspires their teams to do the same. From the teammates beside us to the leaders who guide us, we move forward together. At CDW, you’ll work with people who inspire you. People with positive, success-driven attitudes who you will learn from and forge strong relationships with. Bring your best true self—and your best ideas—to CDW. Because diverse perspectives bring forth better problem solving—and better solutions for our customers on a rapidly evolving technology landscape.
