Soc Analyst Specialist (Tvm)
Soc Analyst Specialist (Tvm)
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
We are banking at another level.
Choosing BDC as your employer means working in a healthy inclusive and skilled workplace that puts forward the best conditions to bring together unique teams where employees are empowered to act. It also means being at the centre of ambitious economic and financial projects to see further and to do things differently to fuel the success of Canadian entrepreneurs.
Choosing BDC as your employer also means:
Flexible and competitive benefits including an Employee Savings and Investment Plan where BDC matches part of your voluntary contributions a Defined Benefit Pension Plan a $750 wellness and health care spending account to name a few
In addition to paid vacation each year five personal days sick days as necessary and our offices are closed from December 25 to January 1
A hybrid work model that truly balances work and personal life
Opportunities for learning training and development and much more...
Explore the BDC Way in our Culture Book
POSITION OVERVIEW
This position is part of a Cyber Security Operation Center task force (SOC). SOC team specialize in different main areas such as incident response and Threat and Vulnerability Management and each member are involved in cross-referenced operational oversights monitoring and operational tasks on a daily basis for ensuring a well-rounded approach to maintaining and enhancing the organizations security posture.
Reporting to the IT Security leadership your primary focus will be identifying assessing prioritizing and tracking the remediation of vulnerabilities across BDCs hybrid infrastructure including on-premises systems cloud platforms (Azure AWS GCP) and other external footprints relating to BDC.
As the Threat and Vulnerability Management (TVM) Specialist at BDC you will play a pivotal role in safeguarding the banks digital environment. You will collaborate with various infrastructure DevOps cloud and application teams to operationalize threat intelligence improve vulnerability detection and enhance remediation velocity while reporting metric and key performance indicators to upper management.
A solid foundation in operational security will help you integrate vulnerability risk management into day-to-day IT workflows and project lifecycles.
CHALLENGES TO BE MET
- Lead the end-to-end vulnerability management process including asset discovery scanning analysis prioritization and remediation coordination
- Monitor external threat intelligence and internal telemetry to assess exposure and correlate active threats with known vulnerabilities.
- Prioritize vulnerabilities based on risk exploitability and business impact using CVSS threat intel feeds and asset criticality
- Collaborate with IT and DevOps to coordinate remediation and change management workflows
- Develop and maintain metrics and KPIs for TVM program to track performance
- Keep abreast with new technologies in Cyber space with the goal of enhancing BDC cyber posture.
- Keep up with the technical roadmap of program and technology changes being driven by the internal needs and IT projects as well as new developments on the providers side
- Maintain relationships with external sources of information security that can be used to manage our security program.
- Research trends in new security threats technologies; advise and train team members to maintain awareness
- Work closely with other teams to provide mitigation recommendations to reduce the overall security risk within the organization
- Provide suggestions and feedback to improve the overall capabilities of the BDC Security team
- Monitor cyber tooling output and conduct spot checks for accuracy
- Respond to monitoring alerts according to defined playbooks and procedures.
- Participate in Post Incident Reviews and discussions.
- Enhance playbooks and procedures to improve security posture and reduce noise.
- As needed integrating various tools and technologies to form a coherent detection infrastructure.
- Monitor and analyze security logs and events to identify and respond to security incidents.
- Being part of SOC includes a 24/7 rotations on-call (once about every 4 weeks)
WHAT WE ARE LOOKING FOR
Technical Skills:
- Strong knowledge of vulnerability scanning tools (e.g. Qualys Tenable Rapid7) and threat intelligence platforms.
- Experience with SIEM EDR and incident response
- Familiarity with CVSS scoring Treat Intel & MITRE ATT&CK framework
- Experience with cloud-native security tools and platforms (Azure Defender AWS Inspector etc.)
- Experience with one or more scripting languages such as Python Bash PowerShell in the context SIEM SOAR EDR and XDR
- Certifications: Industry-recognized credentials such as GEVA OSCP GCFA CEH or other SANS
Soft Skills:
- Analytical mindset and risk-based thinking
- Effective communication with both technical and business stakeholders
- Bilingual (French and English written and spoken)
- Solid verbal and written communication skills and the ability to tailor the context of the conversation to the audience
Education & Experience
Education: Bachelors degree in computer science cybersecurity information systems or a related field
Experience: Minimum 58 years in IT security with a strong focus on vulnerability management and security operations
- 5 years of information security experience with focus on vulnerability management
- 2 years of incident response & event management
- Experience with network security vulnerability scanners agents and telemetry
- Experience with SIEM tools services and processes
- Experience with XDR and EDR tools services and processes
- Experience with managing Threat and Vulnerability Management program
Why Join BDC
- Play a leading role in developing and maturing the banks TVM program
- Work with a dynamic cross-functional cybersecurity team in one of Canadas top employers
- Access to cutting-edge technology in cloud security and risk-based remediation
- Competitive benefits including hybrid work pension wellness programs and continuous learning opportunities
Proudly one of Canadas Top 100 Employers and one of Canadas Best Diversity Employers we are committed to fostering a diverse equitable inclusive and accessible environment where all employees can thrive and feel empowered to bring their whole selves to work. If you require an accommodation to complete your application please do not hesitate to contact us at .
While we appreciate all applications we advise that only the candidates selected to participate in the recruitment process will be contacted.
Required Experience:
IC
Employment Type
Full-Time
