SIEM Administrator

The SIEM Administrator will work with the SOC & SOC Infrastructure teams at GoSecure to provide application support on current and future SIEM products, ensure data feeds and application operation are maintained, and provide support to cyber security analysts in development of analytics and other operational aspects of the SIEM/SOAR product suite.Duties and responsibilitiesApplication support- Providing support for current and future SIEM products, including ensuring data feeds and application operation are maintainedCyber security analyst support- Helping cyber security analysts develop analytics and other operational aspects of the SIEM product Data management- Archiving, backing up, and purging data as needed and in compliance Evidence collection Collecting evidence for audits and documenting all activities performed and recorded Change management Raising change management tickets for SOC Admin activities and incidents Troubleshooting Coordinating with the SOC Monitoring team on troubleshooting issues and escalating them with a 3rd party TAC/Support team as required Security policies Developing and maintaining security policies, procedures, and standards to ensure compliance with regulatory requirements Content improvements Working with the Cybersecurity Incident Response Team and Threat Intelligence Team to identify content improvements Technical oversight Providing technical oversight, standardization, and validation of the effectiveness of SIEM content service UAT -> Production Cycle Stage and deploy upgrades, content changes and infrastructure improvements across several lab (UAT) and production environments to ensure minimal impactProactive Monitoring Implement iterative improvements for all resource utilization, data flow and operational metrics to create actionable alerts to the SOC Infra team to highlight production health issues before they impact SOC dutiesQualifications-Bachelor's degree and 4+ years of prior relevant experience; additional work experience or Cyber courses/certifications may be accepted in lieu of degree.- In-depth knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform (e.g., Splunk, Elastic/Kibana, FortiSIEM).- UNIX OS Administration & command line experience- Advanced understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth, and common security elements.- Windows/Unix-specific networking- Familiarity with various security tooling including EDR, NGAV, and Vulnerability Scanning technologies- Demonstrated commitment to training, self-study and maintaining proficiency in the technical cyber security domain and an ability to think and work independently.- Motivated self-starter and the ability to create complex technical reports on analytic findings.The following personal abilities are favoured at GoSecure:•Exceptional organizational skills;•Ability to think of problems and operational activities beyond technical scope, envisioning general business and political ramifications;•Ability to work independently and handle multiple tasks concurrently;•Adaptable to diverse environments;•Superior verbal and written communication skills in English and French are mandatory;•Energetic and positive with a “can do” attitude.English: fluent or intermediate, French considered a bonus

-3 weeks vacation, 5 personal days, paid bereavement days-14 paid holidays-Group insurance plan: health, dental, vision, disability, life, travel-Employee assistance program (Dialogue)-RRSP and matching employer contribution-Peer recognition program and other awards granted throughout the years-Company stock options-Discounts on a variety of merchants-Young and dynamic team always striving to improveand much more!