Cybersecurity - Incident Response Analyst

Cybersecurity - Incident Response Analyst Individually we are people, but together we are Aviva. Individually these are just words, but together they are our Values – Care, Commitment, Community, and Confidence. We are looking for an experienced cybersecurity incident responder who can manage incidents at Tier 3 level and who is experienced in investigating cybersecurity incidents using incident response tools. The Cybersecurity Analyst – Incident Response role will also support internal fraud and financial crime investigations where there is a cyber element. This position has an on-call rotation element to provide prompt response to mitigate impact a 24/7. The candidate will have experience with Information Technology and a solid level knowledge of Cybersecurity principles. The role is part of Aviva’s Canada Cybersecurity Operations team and will be primarily based out of our Markham office. What You\'ll Do Take ownership of incident response activities and create summary reports for management and other internal stakeholders Analyze advanced cybersecurity alerts from managed service providers to determine impact, select most effective containment and remediation activities, and ensure appropriate recovery takes place Maintain effectiveness of incident response tools, including EDR, SIEM, and SOAR, by identifying enhancement opportunities in configuration and alerting rules while practicing and improving practical skills Conduct detailed technical investigation of cybersecurity incident root causes including threat vector, technique and tactics Be diligent throughout shift and when on call to quickly respond to cybersecurity alerts and be available for time sensitive responses Work with key internal teams from Group CISO, Privacy Office, and Financial Crime Teams to support other investigations where there is a cyber element Adapt to fast-paced environment What You\'ll Bring At least 5 years of experience directly working in cybersecurity incident response, preferably in a large financial services institution Strong incident response technical skills, knowledge of network protocols and network communication principles, understanding of vulnerabilities and remediation techniques Demonstrated ability to analyze cybersecurity alerts to determine business impact and selecting containment and remediation activities that appropriate recovery Maintain effectiveness of incident response tools, including EDR, SIEM, and SOAR, by identifying enhancement opportunities in configuration and alerting rules while practicing and improving practical skills Conduct detailed technical investigation of cybersecurity incidents and identified root causes including threat vector, technique and tactics Demonstrated ability to establish effective working relationships and collaborative work approaches with both internal and external peers Obtained or pursuing a recognized cybersecurity incident response or related certification, such as CISCP, OSCP, CIH, CHFI etc. Experience reviewing, analyzing, discussing, explaining, and reporting cyber threats and results Strong interpersonal and communication skills, ability to respond to multiple incidents simultaneously and in a prioritized matter Preferred candidates will also have experience in threat hunting OR threat intelligence OR forensics, in addition to cybersecurity incident response. What You’ll Get Compelling rewards package including base compensation, eligibility for annual bonus, retirement savings, share plan, health benefits, personal wellness, and volunteer opportunities Outstanding Career Development opportunities We’ll support your professional development education Competitive vacation package with the option to purchase 5 extra days off per year Employee driven programs focused on gender, LGBTQ+, origins, diversity, and inclusion Corporate wellness programs to support our employees’ physical and mental health Hybrid flexible work model Please note that we may use AI tools to help us through the recruitment process. This is an existing position which has been posted both internally & externally. Aviva Canada has an accommodation process in place to provide accommodations for employees with disabilities. If upon commencement of employment you require a specific accommodation because of a disability, please contact your Talent Acquisition Partner so that an appropriate accommodation can be arranged. This process applies throughout your career with Aviva Canada. Seniority level Mid-Senior level Employment type Full-time Job function Information Technology Industries Insurance Referrals increase your chances of interviewing at Aviva Canada by 2x Sign in to set job alerts for “Cyber Security Analyst” roles. Information Security Specialist (ID#5097) Greater Toronto Area, Canada CA$100,000.00-CA$110,000.00 2 weeks ago IT Security Analyst (application security) Toronto, Ontario, Canada CA$75.00-CA$80.00 3 weeks ago Security Operations Centre (SOC) Analyst, Level 1 Security Specialist (Penetration Tester) 8436-3112 Cybersecurity - Incident Response Analyst Security Specialist (Penetration Tester) 8437-3112 Information Security Architect - Global Bank We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI. #J-18808-Ljbffr