Information SecuritySpecialist

Our Digital & Technology team wakes up every day with one goal in mind – to connect Canadians to the people and things that matter most. Collectively, we’re proud to support 30 million Canadians each month.

We manage a robust portfolio that champions the leading edge of technology and media. We drive projects that expand connectivity to underserved communities from coast-to-coast-to-coast; build and enhance our fixed broadband network to provide high-speed Internet, TV and Smart Home Monitoring; and support our world class wireless network, offering our customers Canada’s largest and most reliable 5G network. As the Digital & Technology team, we are building our tomorrow, today.

Come play a key role in building the future of innovation in Canada, Let’s make your possible.

Do you enjoy working on high-scale, complex, and high visibility projects and programs?  If yes, consider the following opportunity:

Rogers Information and Cyber Security Unit is seeking a highly motivated Cyber Security Specialist to join our Cyber Protection Centre. This role is responsible for maintaining and advancing our existing cybersecurity program through the continual review and development of Rogers's cybersecurity strategy and security incident response procedures. This role is equivalent to a SOC Tier 1 specialist. Reporting to the Sr. Manager, Cyber Incident Response and Intelligence, the incumbent will be tasked with providing support to Rogers’ cyber incident response function, which includes the identification and application of threat intelligence information.

Summary of Essential Job Functions:

• Providing first-line response and initial management of any new or developing cybersecurity-related issues including participation in on-call rotation.
• Enhanced level triage and assessment of security events to determine the risk to the business.
• Utilizing “kill chain” methodologies, effectively determine risk prioritized response, investigate security events, and make clear recommendations on mitigation.
• Review and interpret alerts, events, and system alarms using SIEM, other tools, behavioral analytics, and network analysis while providing evolved emergency response services, incident management and analysis.
• Respond to service provider network attacks affecting critical network infrastructure and the cloud environments.
• Produce detailed incident reports and technical briefs on security incidents and preparing executive risk-based metrics reports based on the MITRE ATT&CK model.
• Participate and contribute to post incidents reviews and documentation.
• Identify and report on threat intelligence from external & internal resources and use to apply risk based assessments.
• Investigation of security events to determine root cause.
• Tracking and reporting of events and investigations.
• Contribute to security projects, meetings, and ad-hoc requests.

Required Skills and Experience:

• 1-3 years + applied technical experience.
• Expertise in Kill Chain Methodology & Cyber Threat Intelligence Framework is an asset.
• Experience with forensic tools and methodologies is required
• Scripting (Powershell, Bash, Perl, Python) knowledge/experience a bonus.
• Direct experience with developing security metrics, KRIs and KPIs for leadership team.
• Strong knowledge of Clouds, Service provider/ Telecom infrastructure, virtual environments, web applications and APIs
• Working knowledge of TCP/IP networking, including routing and common ports/protocols.
• Proficiency with large data manipulation tools ie, Excel, DBs, Open Source, and Linux tools
• Demonstrated relevant experience as a key member of threat intel, incident response, malware analysis, or similar role.
• Strong knowledge of malware families and network attack vectors.
• Strong knowledge of Linux, Windows system internals.
• Understanding of payment card processing, related fraud, and carding techniques.
• Self-motivated individual with a 'will do' attitude and a strong desire for continuous process improvement.
• Proven ability to work in a stressful or crisis situation.
• Ability to drive things, work well both independently and in a team environment.
• Ability to clearly articulate risk & findings to internal clients both verbally and in written form.
• Excellent communication, presentation, and relationship skills.
• Strong organizational, time management, and multi-tasking skills.
• Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) certification is good to have.
• Ability to obtain security clearance (if required).
• Undergraduate degree in computer science, engineering, information science, or a related technical discipline.

Schedule: Full time