Forsythe Technology is a CDW company. We share common values as a performance-driven, customer-focused culture. CDW is a leading multi-brand provider of information technology solutions to business, government, education and healthcare customers across the globe.
This role will support our Mississauga, Ontario area Security Operations Centre, and can be based from the Toronto area, or remotely from elsewhere in Canada. For this role, we're seeking an individual with a strong background in SIEM tools (IBM QRadar, Splunk, Exabeam, Sumo Logic).
The Consultant performs ongoing client support for complex technical performance issues and develops recommendations to ensure adherence to service level agreements and customer service excellence. The Consultant may specialize in a particular discipline and continues to develop a platform of technical expertise. In addition, the Consultant is required to provide input on how to drive process improvements, gain efficiencies, and create opportunities for improved workflow and automation.
What You’ll Do:
Services Delivery (80%)
- Manages complex technical questions and ticket escalations and monitors system performance
- Identifies and makes recommendations on technical deficiencies, service performance issues, product utilization, bugs, and enhancements
- Recommends process improvements to drive efficiencies, reduce the average time to troubleshoot, and reduce false-positive alerts
- Develops customized reports and presentations, and provides technical knowledge transfer and analysis to clients on performance status, trends, and metrics
- Performs ongoing analysis and system testing of new system releases, upgrades, and/or patches to supported technologies
- Applies Trusted Advisor techniques to build up client trust and influence loyalty
- Confidently runs great meetings, differentiating services per Managed Security Services positioning
- Hosts monthly meetings and tuning calls with assigned accounts
Professional Development (20%)
- Helps improve the team, proactively engages when service is inconsistent, or risk is identified
- Mentors team with technical advice / support
- Develops best practices, strategies, methodologies, documentation and templates suitable for use by other Consultants and Analysts
- Attends training sessions or shadowing activities, and obtains industry related certifications as determined by the Manager
- Bachelor's degree (B.A./B.S.) or 3-year diploma in Engineering, Computer Science, or a Technology related field
- Has one of the following required combinations of technical certifications and experience:
  - Holds technical certifications for at least four (4) technologies for which Sirius provides managed security services* and has at least three (3) years of IT Support experience in a client-focused environment, and/or working in a security operations center
  - Holds technical certifications for at least three (3) technologies for which Sirius provides managed security services* and has at least four (4) years of IT Support experience in a client-focused environment, and/or working in a security operations center
  - Holds technical certifications for at least two (2) technologies for which Sirius provides managed security services* and has at least six (6) years of IT Support experience in a client-focused environment, and/or working in a security operations center
*Managed Security Services certifications may include, but are not limited to: Check Point: CCSA, CCSE; Cisco: CCNA-Security, CCNP – Security, CCIE – Security; Blue Coat: BCCPA, BCCPE; Palo Alto: ACE, PCNSE; SANS GCIA, GCIH, QRadar CSC, Splunk, LogRhythm, or similar technology certifications
Other Position Requirements
- Experience with one (1) or more of the following: Incident Handling, SIEM Tools, and/or Cloud Security
- Solid prioritization / time management skills
- Experience with direct system engineering or support involving hardware, software and services at an enterprise level for at least one product line in the designated practice
- Direct involvement in working with internal and external teams to implement and troubleshoot complex configuration hardware, software and services
- Experience presenting ideas and solutions to clients and adapting presentation style to fit particular client situations
- Demonstrated knowledge of company products and services, testing methodology, and system troubleshooting
- Demonstrated ability to investigate complex problems where analysis of situations or data requires an in-depth evaluation of variable factors from multiple IT infrastructure systems
- Demonstrated ability to establish positive working relationships and conduct complex and important work critical to the organization in a team, consulting environment
- Proven ability to select resolutions and techniques that meet technical requirements within the context of best practices, and make recommendations to achieve targeted objectives
- Demonstrated ability to communicate in clear, concise and crisp messages to a variety of audiences that instigate appropriate actions
- Proven ability to effectively present in a variety of formal and informal settings: one-on-one, small and large groups, using a variety of presentation methods to sustain the audiences’ engagement
- Demonstrated ability to manage time to focus on priorities and handle multiple tasks simultaneously
- Demonstrated ability to establish a collaborative approach to problem solving, ensuring that solutions generated by the team are tested and proven
- Demonstrated ability to mentor less experienced team members
- Demonstrated ability to work under minimal supervision, using latitude for independent judgment
- Proven ability to proactively step into team leadership roles and empower others to increase contribution and level of responsibility
- Demonstrated ability to achieve high level of Customer Satisfaction on all engagements
- Demonstrated Word, Excel, Visio, PowerPoint and Outlook skills
- Previous experience working in a Security Operations Centre (SOC) environment
- Experience working with Amazon Web Services (AWS) and/or Microsoft Azure
- Experience working with IBM QRadar, Splunk, or any of the major SIEM vendors
- Demonstrated experience performing incident handling, leveraging frameworks such as NIST and SANS
- Demonstrated experience with frameworks such as Lockheed Martin Cyber Kill Chain, MITRE ATT&CK, etc.
- Demonstrated experience performing threat hunting, building hypotheses with the aim of identifying unknown threats
Data Privacy and Security:
- All Sirius employees are responsible to safeguard the information and information systems that they use or handle in the execution of their duties. Employees are obligated to know and perform their duties in accordance with Sirius policies, standards, and procedures related to security and report security violations to the appropriate Sirius authority.
- Participate at hire and annually in the Information Security Awareness training as well as other required training identified by the Human Resources department. Other data privacy and data security related regulatory training may be required based on your role or assignment.
The position is part of a 7 day per week, 24 hour per day managed services operation. To provide the required coverage, must be willing to work other shifts including weekends, holidays, and overtime.
The above primary duties, responsibilities, and position requirements are not all inclusive.
Sirius is an equal opportunity employer that values diversity. As a government contractor, Sirius takes affirmative action to employ and advance in employment qualified women, minorities, individuals with disabilities, and protected veterans; maintains a drug-free workplace; and participates in E-Verify.
Demonstrates competencies defined for the Analyst through Specialist level, plus the following:
Customer Focus - Gains insight into customer needs. Identifies opportunities that benefit the customer. Builds and delivers solutions that meet customer expectations. Establishes and maintains effective customer relationships
Instills Trust - Follows through on commitments. Is seen as direct and truthful. Keeps confidences. Practices what he/she preaches. Shows consistency between words and actions
Tech Savvy - Anticipates the impact of emerging technologies and makes adjustments. Scans the environment for new technical skills, knowledge, or capabilities that can benefit business or personal performance. Rejects low-impact or fad technologies. Readily learns and adopts new technologies.
Strategic Mindset – Anticipates future trends and implications accurately. Readily poses future scenarios. Articulates credible pictures and visions of possibilities that will create value. Creates competitive and breakthrough strategies that show a clear connection between vision and action
Self Development - Shows personal commitment and takes action to continuously improve. Accepts assignments that broaden capabilities. Learns from new experiences, from others, and from structured learning. Makes the most of available development resources.
Manages Complexity - Asks the right questions to accurately analyze situations. Acquires data from multiple and diverse sources when solving problems. Uncovers root causes to difficult problems. Evaluates pros and cons, risks and benefits of different solution options