Posted: Friday, February 17, 2017 11:24 AM
Vaughan, Ontario, Canada
All Available Locations:
External Posting Description
Reporting to the SOC Implementation Manager, you are self-motivated, energetic, driven for success and results oriented. Your knowledge of security devices, system administration, security operations processes, incident management, professional services and the firm will help you to support delivery and execution of managed security services offered by Deloitte. You will also be a key player and part of a team providing world-class security operations capabilities for our clients, a capability aligned with our strategic direction that helps the firm better deliver on new and existing engagements. This position will focus on supporting and maintaining the new and existing clients in the SOC. Our network of Cyber Intelligence Centers in Canada is located in Montreal, Toronto, and Calgary. We are recruiting in each of our centers. Occasional travel to local clients will be required, and there are also opportunities for travel nationally and globally if the candidate is interested. You must be able to obtain Government of Canada Secret security clearance.
• Responsible for content development (rules, use cases, reports, queries, etc.) in the SIEM.
• Generate and implement rules based on specific client requirements.
• Tune and test content to reduce false positives within the SIEM.
• Create documentation (playbooks) for all content created.
• Provide input, direction and strategic decisions to help drive content decisions within the SIEM, based on the industry's best practices.
• Assess the content as a result of changes in the client environment.
• Provide monthly or ad hoc reports communicating changes to the content in the SIEM platform.
• Integrate threat intelligence from various sources into existing and new content.
• Customize security content, including filter/rule/report creation and vulnerability mapping.
External Posting Qualifications
• Diploma / Degree in Information Security
• Minimum of two (2) years of experience working within information security
• Minimum of two (2) years of SIEM content development experience
• Experience with SIEM technologies (e.g. ArcSight, ELK, QRadar, etc.)
• Experience working with Linux and Windows OS
• Experience working with Java, Python, and Perl scripting
• Strong working knowledge of security devices (IDS/IPS, firewalls, load balancers, routing and switching, etc.)
• Minimum of five or more (5+) years of SIEM content development experience
• Advanced knowledge of security analytics, reporting and creative thinking
• Experience integrating new log sources and data correlation rules into the SIEM
• Minimum of five or more (5+) years of experience within the information security field
Get your career off to a great start. What impact will you make?
We're always looking for people with the relentless energy to drive and push themselves further to find new avenues and unique ways of reaching our shared goals. At Deloitte, we know that being the undisputed leader means empowering our people to be the very best they can be, so they can make an impact that matters for clients, colleagues and the community, and for their own careers.
We offer a truly differentiated talent experience that empowers our people with unlimited opportunities to do meaningful work and to grow, learn, and lead at every point in their career. Deloitte's newly designed offices offer unique workspaces that strengthen connections, inspire innovative ways of working, and provide the necessary tools to help you make an impact that matters. And with our global reach and network, you'll always be part of the Deloitte community.
"Once Deloitte, always Deloitte."
Lead yourself. Lead a team. Lead the firm. It's all possible at Deloit
• Location: Toronto
• Post ID: 59988087