BlackBerry - Security Operations Analyst

Waterloo, Ontario

BlackBerry

BlackBerry provides enterprises and governments with the software and services to secure the Internet of Things. Learn how BlackBerry can protect your workforce, networks, and data with the power of Cylance AI.


Worker Sub-Type:

Regular

 Job Description: 

Location: On-site Waterloo

The Security Operations Analyst is the first line of defense for a Security Operations Center, monitoring and responding to security events to protect the networks and data. Functions of the role include the initial triage of security incidents, escalating issues as needed, and documenting detailed analysis and remediation steps. Key responsibilities include monitoring alerts from various security tools, conducting malware analysis, and participating in vulnerability assessments. You will also assist in developing operational procedures and contribute to SIEM and automation tool integrations. This role is ideal for those passionate about cybersecurity and eager to grow in a fast-paced environment.

As a Level 1 SOC Analyst, you will be the first line of defense in our Security Operations Center. You will monitor, analyze, and respond to security events and incidents, ensuring the protection of our networks and data. This role is ideal for individuals with a passion for cybersecurity and a desire to grow their skills in a fast-paced environment.

Key Responsibilities:

  • Monitor security alerts and events from various sources, including SIEM, DLP, IDS/IPS, firewalls, and endpoint protection systems.
  • Perform initial triage and analysis of security incidents to determine their severity and impact.
  • Escalate incidents to higher-level analysts or incident response teams as necessary.
  • Document and report security incidents, including detailed analysis and remediation steps.
  • Participate in vulnerability assessments and provide recommendations for remediation.
  • Stay up to date with the latest cybersecurity threats, trends, and technologies.
  • Determine if critical systems have been impacted and advise on remediation and recovery options.
  • Conduct malware analysis or identification of IOCs to evaluate potential security issues.
  • Assist in developing and improving operational procedures and processes.
  • Identify and contribute to content for SIEM and automation tools integrations.
  • Create and maintain technical documentation and operational documents.
  • Follow structured incident response practices using frameworks such as NIST to improve operational readiness.
  • Foster an environment of continuous improvement.
  • Must be willing to participate in an on-call rotation.

Qualifications:

  • Must be able to obtain a Secret level security clearance.
  • Cyber Security College Diploma or related University degree and 2 years of related experience
  • Experience working as a SOC Analyst or in a similar role with a focus on information security.
  • Experience with SIEM, networking security, endpoint security tools, UEBA, XDR, NDR, SOAR
  • Experience with cloud infrastructure using various cloud providers, such as AWS, GCP, Azure
  • Experience with Confluence, Jira, or other similar tools.

Desired Qualities:

  • Resourcefulness and creativity with a strong aptitude for innovation and ability to recognize opportunities for improvement in day-to-day work.
  • Strong interpersonal skills with an aptitude for collaboration
  • Be outgoing, enthusiastic, and comfortable working with small and large teams.
  • Excellent verbal and written communication skills
  • Excellent analytical, problem solving and decision-making skills with a strong attention to detail.
  • Use outside-of-the-box thinking to generate creative solutions to problems.
  • ITIL, CCSP, SSCP, Security+, GIAC, or other security certifications are desirable.


Scheduled Weekly Hours:

40

Tags: Automation AWS Azure CCSP Clearance Cloud Confluence Endpoint security Firewalls GCP GIAC IDS Incident response IPS ITIL Jira Malware Monitoring NIST Security Clearance SIEM SOAR SOC SSCP XDR

Region: North America
Country: Canada
