Security Analyst, Threat Detection and Response

4 days ago


Four Seasons Corporate Office Toronto, Canada Four Seasons Hotels and Resorts Full time
About Four Seasons:

Four Seasons is powered by our people. We are a collective of individuals who crave to become better, to push ourselves to new heights and to treat each other as we wish to be treated in return. Our team members around the world create amazing experiences for our guests, residents, and partners through a commitment to luxury with genuine heart. We know that the best way to enable our people to deliver these exceptional guest experiences is through a world-class employee experience and company culture.

At Four Seasons, we believe in recognizing a familiar face, welcoming a new one and treating everyone we meet the way we would want to be treated ourselves. Whether you work with us, stay with us, live with us or discover with us, we believe our purpose is to create impressions that will stay with you for a lifetime. It comes from our belief that life is richer when we truly connect to the people and the world around us.

About the location:
Four Seasons Hotels and Resorts is a global, luxury hotel management company. We manage over 120 hotels and resorts and 50 private residences in 47 countries around the world and growing. Central to Four Seasons employee experience and social impact programming is the company's commitment to supporting cancer research, and the advancement of diversity, inclusion, equality and belonging at Four Seasons corporate offices and properties worldwide. At Four Seasons, we are powered by people and our culture enables everything we do.

Four Seasons has an exciting opportunity in our Information Systems Technology department for a Threat Detection and Response Security Analyst. Working with the Security Operations team, the Threat Detection and Response Security Analyst will detect, analyze, and respond to internal and external cyber threat events that would have an impact on the business functions of Four Seasons Hotels and Resorts.

This role is based in Four Seasons Hotels and Resorts, Toronto Corporate Office, reporting to the Director, Global IT Security. This role involves interactions with primarily internal stakeholders at various levels.

What You'll Be Doing

Security Technology Implementation:
  • Develops requirements for detection models and enhancements to existing systems
  • Works cross-functionally with Security Engineering team to design and implement advanced detection and response systems that can detect and respond to sophisticated cyber threats.
  • Builds solutions for analyzing security events data at scale and protecting Four Seasons networks, systems, and data from threats
  • Writes unit test cases, reviews and optimizes threat detections, and implements pipelines to automate detection validation
  • Implements integrations or efficiencies for security solutions


Security Threat Detection:
  • Performs proactive threat hunting to identify potential security threats
  • Provides actionable insights to help identify, prevent, detect, and respond to anomalous or potentially malicious user and entity activity
  • Investigates threat campaigns to identify elements used (IPs, Domains, etc.)
  • Identifies internal and external threats that could result in unauthorized disclosure, misuse, alteration, or destruction of customer's information assets


Security Threats Analysis:
  • Analyses security events and qualifies them according to the different kinds of threat: spam, scam, phishing, spear phishing, malware, ransomware, and others.
  • Analyses internal and external threats and provides security summaries of findings.


Security Threat Response:
  • Blocks elements used in threat campaigns
  • Thinks creatively and holistically about reducing risk in a complex environment
  • Creates and updates our detection rules on various platforms to block advanced threats predictively


Information Security Reporting:
  • Writes documentation and reporting on ongoing threats and techniques used
  • Communicates results clearly and focuses on impact


Incident Response:
  • Streamlines incident response capabilities, ensuring the tooling and processes are clear
  • Assists in conducting investigations of security breaches and non-adherence to IT security policies and procedures, including those of a sensitive and confidential nature
  • Reports findings and recommendations to Manager.


Security Operations:
  • Participates in resolving technical issues with the team
  • Documents solutions and processes appropriately and transfers knowledge to the team
  • Assists the team with investigating security alerts from security platforms


Vulnerability Management:
  • Conducts network and system vulnerability assessments and documents corrective/remediation actions
  • Drives the end-to-end vulnerability lifecycle from discovery to closure
  • Ensures timely follow up with patch management and vulnerability remediation with impacted stakeholders


Who You Are

  • Has a passion for Information Security and Privacy disciplines
  • Highly critical and analytical disposition
  • High attention to detail and strong listening skills
  • Ability to work independently with minimal supervision
  • Natural curiosity and an ability to undertake creative exploration
  • Self-motivated, with critical attention to deadlines and reporting
  • The ability to manage tasks simultaneously and meet deadlines within a high energy, fast paced and evolving environment
  • The ability to grasp and communicate technical issues to a variety of audiences
  • Curious, autonomous, resourceful, and rigorous; proposes initiatives


What You Bring
  • Minimum 3 years of relevant experience in an IT Security role
  • Proven experience performing analysis of threat events (e.g., first- or third-party applications, system/data access, event logs), network security, digital forensics, and incident response investigations.
  • Experience with tactical threat intelligence and/or hunting for sophisticated threat actors in an enterprise environment
  • Strong experience with cloud operations - security focused (AWS, Azure)
  • Experience with IT/Network operations including server and network/firewall configuration
  • Very strong working knowledge of security tools such as firewalls, IDS/IPS, A/V, EDR, anti-spam, content management, server, and network device hardening, etc.
  • Expert knowledge of Python or similar programming languages
  • Knowledge of writing and working with APIs and associated technologies
  • Preferred experience with above systems in a hotel/hospitality environment
  • Bachelor's degree or equivalent business qualifications
  • Information Security certification required (CISSP, GIAC, GSEC, GMON, or similar)
  • In-depth knowledge of threat landscape and MITRE ATT&CK
  • Proven experience performing analysis of security threats to determine scope and propose best response
  • Competence in using an internal and external ticketing system for ITIL-based incident, problem and change management
  • Previous experience in troubleshooting day-to-day operational processes such as report generation, data verification, data correlation, etc.
  • Proficiency in running, adjudicating and remediating results from vulnerability scans
  • Strong understanding of PCI DSS
  • Experience in WAF technologies
  • Strong understanding of computer networking
  • Experience with IT/Network operations including server and network/firewall configurations
  • Scripting knowledge (VBS/JS, PowerShell, Bash, Python)
  • Experience and/or knowledge of security and privacy-enhancing technologies such as identity management, application security, and network security technologies
  • Working knowledge of OWASP Top 10 and application security fundamentals
  • Understanding and experience with enterprise SIEM technologies
  • Industry certifications (ISC2: CISSP, CCSP, ISACA: CISM, SANS: GSEC, GCIA, GMON) are strong assets
  • Deep understanding of cyber threats and attack methods to help design and implement advanced detection and response systems.
  • Experience with Intrusion Detection and Prevention Systems (IDPS), Web Proxy, Antivirus, Security Information and Event Management (SIEMs), and/or Endpoint Detection agents


All internal applications must be submitted and approved in Workday by June 21, 2024.

This role follows a hybrid working model, which requires 3 days per week in the Four Seasons Corporate Office located at 1165 Leslie Street, Toronto, Ontario.

Four Seasons is committed to providing employment accommodation in accordance with the Ontario Human Rights Code and the Accessibility for Ontarians with Disabilities Act. If contacted for an employment opportunity, please advise Human Resources if you require accommodation.
