Senior Security Analyst (GCS)

What is the Opportunity?

The RBC Threat Monitoring & Triage team is looking for an experienced Senior Security Analyst to join its team. This is a key role within the Security Operations Centre (SOC). The successful candidate will be providing technical expertise and leadership support to the proactive and reactive responses to cyber threats targeting RBC's global environment. This role will focus on performing first line investigation and response actions, including the triaging of security detections and escalation of security incidents. The Senior Security Analyst will also be responsible for maintaining awareness of emerging and advanced threats, and driving efficient security solutions to address the evolving threat landscape. This position will partner with Global Cyber Security (GCS) stakeholders and RBC leadership to achieve the organization's Intelligence-led Security and Resilient Services objectives.

What will you do?

• Respond to and investigate complex security detections across multiple environments and technologies in a timely manner
• Provide 7/24 support (rotational basis) for high severity incidents escalated from security vendors, GCS partners and the business
• Perform technical investigation and triage activities of security alerts based on potential impact and risk to the organization
• Escalate confirmed threats to SOC management and the Incident Response team as required based on criticality
• Develop, distribute and present technical findings regarding threats, attack vectors and detection techniques

• Maintain awareness of detection trends and alert metrics in order to enhance our security controls and overall defensive strategy
• Derive insights from day-to-day cyber investigations to identify security gaps and improve the organization's security posture
• Partner with detection engineers to enhance security monitoring rules and reduce false positive alerts
• Collaborate with SOAR engineers to optimize and automate detection and response capabilities
• Document, mature and maintain Triage Standard Operating Procedures (SOP)
• Assist in the proactive hunting of unknown threats and suspicious activities within the environment as required

What do you need to succeed?

Must have:

• Minimum 3 years of experience in a SOC environment

• Significant experience in performing investigation and triage activities of security events

• Advanced understanding of SIEM platforms

• Solid knowledge of security tools (NDR, EDR, IDS/IPS, WAF, etc.)

• Exposure to malware and sandbox analysis

• Knowledge of cybersecurity frameworks (Cyber Kill Chain, NIST, MITRE ATT&CK, etc.)

• Robust computer networking & OS knowledge

• Availability for rotating pager duty support for after hours and holidays

• Excellent work ethics, problem-solving and verbal/written communication skills

Nice-to-have:

• Experience with SOAR platforms

• Familiarity with threat hunting techniques and scenarios

• Knowledge in detection engineering

• Understanding of current threat landscape and threat actor TTPs

• Cloud security experience

• Experience with scripting languages (PowerShell, python, regex, bash, etc.)

• Some exposure to purple team activities

• Bachelors degree in Computer Science or related field

• Industry recognized certifications from ISC2, SANS, ISACA, etc.

Whats in it for you?

We thrive on the challenge to be our best, progressive thinking to keep growing, and working together to deliver trusted advice to help our clients thrive and communities prosper. We care about each other, reaching our potential, making a difference to our communities, and achieving success that is mutual.

• A comprehensive Total Rewards Program including bonuses and flexible benefits, competitive compensation, commissions, and stock where applicable.

• Leaders who support your development through coaching and managing opportunities.

• Ability to make a difference and lasting impact.

• Work in a dynamic, collaborative, progressive, and high-performing team.

• Flexible work/life balance options.

• Opportunities to do challenging work.

• Opportunities to take on progressively greater accountabilities.

• Opportunities to building close relationships with clients.

#LI-Hybrid

#LI-POST

#TECHPJ

Job Skills

Additional Job Details