Job Description
Bell is making unmatched investments in our world-leading broadband fibre and wireless networks because we know they’re the backbone of the products and services our customers love. If you’re excited about transforming the way people connect, our Network team is the right place for you.
The Bell Security Operations Center (Bell SOC) team is responsible for providing round-the-clock security services by proactively monitoring, detecting security attacks and violations, and providing effective mitigation strategies for Bell and its customer information assets.
Bell SOC is currently seeking an experienced candidate for a position within the Security Operations Center team. Reporting to the Senior Manager, this person is tasked with leading a DDoS squad and assisting with Incident Response. The candidate should be an independent, critical thinker, skilled in analyzing data while working effectively with other internal and external teams to conduct cyber investigations and respond to threat matters. As a core member of Bell’s Security Operations Center (SOC) team, the candidate must also be able to work in high-pressure situations for extended periods.
Responsibilities:
- Lead and oversee a security group specializing in detection of and response to Distributed Denial of Service (DDoS) attacks.
- Develop and implement security initiatives to ensure the best possible measures are in place to maintain a secure operation.
- Monitor, evaluate and maintain systems and procedures to safeguard internal information systems.
- Co-ordinate the development, implementation and enforcement of security strategies, policies and procedures.
- Facilitate the development of management systems that measure people and process performance, with the aim of ensuring continuous improvement.
- Configure, implement, manage and maintain security devices as well as provide general knowledge and recommendations for security best practices.
- Develop, maintain and update documentation associated with production releases.
- Adhere to best practices for security management.
- Serve as Incident handler for applicable security incidents affecting multi-technology and multi-vendor platforms.
- Provide team training on the latest network detection and protection methods, incorporating the latest security trends.
Qualifications:
- Completion of University or College program in Computer Science; or 5 years of equivalent industry experience in the information systems field.
- Experience with the security tools that prevent and detect denial of service attacks and the protection methods that are available (Arbor and Radware DefensePro preferred).
- Experience/Knowledge of a variety of intrusion detection platforms.
- Experience/Knowledge of SIEM technology – HP ArcSight ESM/Elasticsearch/Kibana
- Proven experience performing analysis of security events to determine root cause and provide resolution
- Very strong working knowledge of networking and security tools such as firewalls, IDS/IPS, A/V, anti-spam, content management, server and network device hardening
- Competence in using an internal and external ticketing system for ITIL-based incident, problem and change management
- Previous experience in troubleshooting day-to-day operational processes such as report generation, data verification, data correlation, etc.
- Methodical and creative approach to problem-solving
- Proven experience in the design, implementation and troubleshooting of operational security solutions.
- Experience translating complex and ambiguous problems into actionable components.
- Excellent communication and presentation skills.
- Leadership skills
- CISSP and/or any GIAC certification or similar certification desirable
Job ID: 93633