Security Associate

Ottawa, Canada

Job Reference Number: SWAT-CYB-OTT-03

Job Title: Security Associate

Location: Ottawa, Canada

Salary/Package: Negotiable depending on experience

Additional Desired Skills

Education Requirements & Experience

  • B.E., MCA, BCA, or University degree equivalent

  • No required work experience in the IT security industry

  • Certifications: CCNA Security

  • Good communication skills

  • Good analytical skills

  • Quick learner

  • Team player

Job Description

S.W.A.T - CYBERSEURITY INC. is a company providing managed detection and response (MDR) services to its global customers by monitoring their IT infrastructure for cyber security attacks. We’re searching for a Security Associate for our SOC Monitoring team to assist our 24×7 managed security operations center. The position comprises the following:

  • Undergoing training for 6 months to learn security monitoring concepts, primary analysis of logs, network concepts, handling customer calls, etc.

  • Assisting our security engineers in their day-to-day functions as detailed within the Responsibilities section of this document.

This role reports to the SOC Team Lead.

Responsibilities

  • Acknowledge, analyse and validate incidents triggered from correlated events through the SIEM solution.

  • Acknowledge, analyse and validate incidents received through other reporting mechanisms such as email, phone calls, management directions, etc.

  • Collect the logs needed for incident containment and security investigation.

  • Escalate validated and confirmed incidents to SOC Analyst.

  • Undertake first stages of false positive and false negative analysis.

  • Understand the structure and meaning of logs from different log sources such as FW, IDS, Windows DC, Cisco appliances, AV and antimalware software, email security, etc.

  • Understand the subject of Carbon Black alarms.

  • Open incidents in S.W.A.T - CYBERSEURITY to report the alarms triggered or threats detected. For each incident, the analyst should include all details related to the logs, alarms and other indicators identified, in accordance with the intervention protocol of each client and the SLA.

  • Track and update incidents and requests based on client’s updates and analysis results.

  • Properly log client requests and change requests in S.W.A.T - CYBERSEURITY.

  • Report infrastructure issues to the S.W.A.T - CYBERSEURITY support team.

  • Report false positive alarms from Carbon Black and LogRhythm to L2 analysts.

  • Generate weekly reports from the LogRhythm platform and send them to L2 for review.

  • Other duties related to the position.

Essential Skills

  • Certifications: CCNA

  • Should have knowledge of Linux and Windows.