Company : The Select Group
Job Location : Toronto, Ontario, ca
Posted on : 2021-06-08
Job Description :
Job Title: Security Engineer Consultant
Job Duration: 1 year

Project Details: We are looking for someone that wants to be heavily involved in the day-to-day support and trenches of the above technologies. I would also like someone who has experience in investigating security events, is great at analyzing logs and understanding threat vectors and how to respond to security alerts within the network, and can read and understand forensics coming from our various technologies. A true consultant that can come in to give advice on how to improve efficiency. Preferably a level 2-3 SOC analyst.

Must Have Skills:
- Extensive experience supporting and administering security event management solutions (specifically Splunk experience)
- Experience supporting and administering next gen AV solutions
- AWS and Azure experience
- Network experience: understand components of infrastructure and network, how things connect, background in functionality of devices and systems

Nice to Have Skills:
- Run/manage/oversee level 3 SOC triage (not managing others, but need to be in the mindset/be able to provide consultation to other team members)
- Someone who can identify when there are issues, threat management, someone who is forward thinking - uses the tools at hand to identify security threats

Additional Details:
- Palo Alto firewall shop
- Good connectivity; high speed internet is a must
- Some on-call rotations - the most they would be on-call in a month is 20 hours. Consultant will be paid for on-call duration and for additional escalations when something comes up
- Extensive experience supporting and administering security event management solutions - i.e. Splunk SIEMs, Darktrace, threat hunting, log correlation
- Experience writing and troubleshooting rules or code with programming or scripting languages (e.g. SPL, KSQL, PowerShell, Python)
- Have proven experience interacting with customers and partners
- Proven ability to mentor others
- Inherently transparent and has a desire to share/teach others
- Experience supporting and administering next gen AV solutions - i.e. Cylance, CrowdStrike, MS Endpoint Defender (aka Defender ATP)
- Experience supporting and administering next gen email gateways - i.e. Proofpoint, Mimecast, or O365 secure email gateway
- Experience supporting and administering next gen firewalls and web application firewalls - i.e. Palo Alto, F5 WAF
- Excellent understanding of foundational networking concepts
- Deep experience troubleshooting issues with operating systems, Windows or Linux
- Excellent analytical skills with the ability to collect, organize, analyze, and disseminate significant amounts of information with attention to detail and accuracy
- Above average resourcefulness
- Have enough experience with hybrid cloud infrastructure, specifically Azure or AWS, to understand the threats and the mitigations in that environment
- Have a keen interest in implementing measures to reduce workload, through articles, knowledge sharing, and automation
- Is open to after-hours support
- Exposure to the development cycle, Git, or even deployment pipelines is a nice to have

Remote Info: Please ensure the candidates submitted are located within Ontario. Although we continue to support a remote work environment, there will be requirements in future (2022) to be on-prem.