SIEM Systems Administrator Full-time Job11 months ago - System / Network - Vancouver - 179 views
The candidate for the position of Security Analyst is required to understand networks protocols and systems behaviors. It is expected this position will perform in a SIEM System Administrative environment by providing first point of contact for security related incidents impacting the organization. SIEM System Administrator would work with BCNET’s IT and Network Services to ensure security of the management network and related infrastructure. Document work through helpdesk and change management software and other means.
JOB DUTIES AND TASKS:
You would be
- Working with the BCNET Manager, Information Technology and as a member of the IT team deploy, maintain and upgrade SIEM systems, as well as Vulnerability Scanners, Logs Management
- Monitoring server infrastructure activity and connectivity, troubleshoots, diagnoses and resolves server security problems; Manage network devices, intrusion detection and prevention systems and VPN access;
- Recommending and installing appropriate IT Security tools and countermeasures and support the development of an Incident Response Plan;
- Assessing server infrastructure problems and develops solutions and implementation plans for resolutions with vendor equipment or software suppliers and maintains a peer technical expertise liaison with vendors and suppliers;
- Advising and makes recommendations to the technical life cycle planning implementation and upgrade security measures and controls within the BCNET SIEM system
- Employing technical expertise and represents BCNET and Network Services, Client Services, Shared Systems and Technology in developing, maintaining, and communicating solutions with BCNET staff and customers;
- Triaging, analyzing and prioritizing security events, incidents and documenting tasks; Maintaining documentation for both policy and auditable standards
- Working independently to see operational projects to completion and works collaboratively with peers and team members to meet objectives;
- Participating in the development of best practices, standards, procedures and quality objectives across the SIEM infrastructure and platforms;
- Maintaining appropriate professional designations and up-to-date knowledge of current information technology techniques and tools;
- Occasionally required to provide after hours on-call support on a rotational basis and be available off-hours to work on emergency server infrastructure problems, maintenance, or project activities.
QUALIFICATIONS AND SKILLS:
- Be a Canadian citizen or have required documentation to work in Canada
- Clearly identify on your application your progressive relevant experience in an operational Systems/network administrator, Network security engineer, IT Security environment
- Experience some SIEM Products such as ArcSight, LogRhythm, Elastic (ELK), QRadar or Splunk
- Windows, Unix and Linux Operating Systems
- TCP/IP, computer networking, routing and switching, firewalls, VPN
- CLI, Bash, PowerShell and scripting practice
- Experience with firewalls, routers, switches and other network devices
- Experience with virtualization systems like VMware ESXi, KVM or MS Hyper-V
- Experience with Wireshark, nmap, Kali Linux and other network security tools.
- College diploma or university degree in computer science or related fields or a suitable combination of education, experience, or other relevant training
- Hands-on experience investigating common types of attacks such as brute-force, phishing, DDoS and data exfiltration.
- Vulnerabilities and Information Risk assessments
- Good knowledge of IT Security Frameworks (NIST, CIS, ISO 27001)
- Forensics investigation and analysis of security incidents
- Systems Security Certified Practitioner (SSCP) or other IT security certifications
- Certified Ethical Hacker (CEH)
- Certified Information Systems Security Professional (CISSP)
- Penetration testing of applications and infrastructure
- Experience with other scripting tools like Perl, Python and/or Velocity
- Familiarity with Jira, Wiki, Confluence and Puppet applications.
- Automation tools (i.e. Ansible, Puppet, Chef)
- Experience working within the higher education
We continuously engage with our members to explore, evaluate and develop solutions that meet their unique needs.
Our aim is to build value through collaboration, drive down costs, maximize efficiencies and further the mission of our members.