Senior Security Specialist – Incident Response

Description

GlassHouse Systems (GHS) is an enterprise systems, and managed services solutions provider that develops, designs and deploys solutions for leading enterprises in Canada and the US. For almost 32 years, GHS has delivered an enterprise level of service and support to clients. Recognized with industry-leading awards each year, GHS translates this differentiation into positive client experiences. 

This role requires an experienced security professional with technical expertise in incident handling, malware investigation and containment, and IR process improvement. In this role, you will be developing and updating IR playbook and runbooks, conducting IR investigations, and participating in IRDF and security governance projects.

Responsibilities

· Create and update incident response playbooks and runbooks

· Develop and update incident response methodologies, procedures, and processes

· Develop, review, and maintain security policies and standards in alignment with industry best practices and regulatory frameworks

· Enhance existing IR practice and review of internal processes and activities to assist in identifying potential opportunities for improvement

· Lead and conduct incidents investigation, containment, and remediation

· Engage with clients and guide them on a broad range of technology throughout the incident lifecycle

· Perform root cause analysis for cyber incidents and breaches

· Conduct malware analysis and sandboxing

· Collaborate in forensics investigations

· Provide expert-level briefings to internal and external stakeholders during and after incidents

· Train team members to use and apply IR playbooks and runbooks

· Lead the planning, execution, and delivery of cybersecurity initiatives and projects

· Contribute to penetration test projects

· Manage and optimize security technologies such as SIEM, EDR, and SOAR

· Conduct proactive threat hunting activities using EDR/SIEM data

· Evaluate new threat vectors and support detection engineering teams to improve defenses

· Collaborate in maintaining and managing internal threat intel platforms to aggregate, enrich, and distribute threat intelligence data to internal teams and clients

· Contribute to cyber risk assessments and security awareness programs

· Contribute to phishing campaign simulations and monitoring their effectiveness

Requirements

· This position requires employees to work from the GHS Toronto office a minimum of three days per week

· 5+ years of experience in cybersecurity, focusing on incident investigation and response

· Proven experience in conducting incident investigation and response, including analysis, containment, and remediation

· Bachelor’s or higher degree in computer science, information technology, information security, computer forensics, or a related field

· Expertise in analyzing Windows, Linux, and macOS logs and incidents

· Familiar with at least one SIEM and one EDR solution (e.g., QRadar, Splunk, SecOps, CrowdStrike, Defender, etc.)

· Knowledge of common technologies and protocols, like SIEM, IAM, Unix scripting, TCP/IP, LDAP, HTTP, DNS, Radius, SSO, Active Directory, cloud computing, etc.

· Excellent (technical) verbal and written communication skills.

· Experience in analyzing security advisories, threat intelligence feeds and providing guidance on risk mitigation strategies

· Familiar with security frameworks like MITRE ATT&CK and ability to identify and analyze TTPs

· Experience with Malware analysis

· Ability to participate in after hours on-call shifts

· High ethical and professional standards

Nice to have:

· Expert knowledge of forensics tools such as Encase, Axiom, Autospy, OSForenscis, FTK imager or similar

· Relevant Certifications such as GIAC (GCIA, GPEN, GWAPT, GCIH, GSEC, GCFA), CISSP, CCSP, CEH, CHFI

· Experience in penetration test

· Experience with vulnerability management technologies, processes and procedures

· Experience in cyber risk assessment/management

· Familiarity with compliance frameworks (PCI-DSS, HIPAA, etc.)

Personal attributes

· Strong verbal communication skills and excellent technical writing skills

· Strong team player and enjoys working in a fast-paced team atmosphere

· Ability to manage multiple priorities, commitments and projects

· Ability to communicate complex ideas verbally and through documentation

· Must be able to grasp highly technical concepts quickly, develop content, and independently document features for target audiences

Disclaimer

What you'll get: 

Competitive salary 

Health benefits (medical, vision, dental) 

Life insurance 

Pension plan 

Professional development 

Amazing company culture 

Free parking 

Gym on-site 

Join a team of professionals led by a diverse set of leaders from across the industry. 

GlassHouse Systems commitment: 

We believe that a diverse team is the key to innovation and growth. We are an equal opportunity employer that values diversity at our company and encourages all candidates to apply. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. 

GlassHouse Systems will accommodate individuals with disabilities through each stage of the recruitment process. Please advise us of any needs when your interview is booked and we will do our best to meet your needs. 

Please note that all candidates have to be legally eligible to work in Canada. 

Any offer of employment will be conditional upon a criminal record check. 

GlassHouse Systems thanks all candidates for their interest, however only those selected to continue in the process will be contacted.