Cybersecurity Incident Response Analyst

Individually we are people, but together we are Aviva. Individually these are just words, but together they are our Values – Care, Commitment, Community, and Confidence.We are looking for an experienced cybersecurity incident responder who can manage incidents at Tier 3 level and who is experienced in investigating cybersecurity incidents using incident response tools. The Cybersecurity Analyst – Incident Response role will also support internal fraud and financial crime investigations where there is a cyber element. This position has an on-call rotation element to provide prompt response to mitigate impact a 24/7.The candidate will have experience with Information Technology and a solid level knowledge of Cybersecurity principles.The role is part of Aviva’s Canada Cybersecurity Operations team and will be primarily based out of our Markham office.What you'll doTake ownership of incident response activities and create summary reports for management and other internal stakeholdersAnalyze advanced cybersecurity alerts from managed service providers to determine impact, select most effective containment and remediation activities, and ensure appropriate recovery takes placeMaintain effectiveness of incident response tools, including EDR, SIEM, and SOAR, by identifying enhancement opportunities in configuration and alerting rules while practicing and improving practical skillsConduct detailed technical investigation of cybersecurity incident root causes including threat vector, technique and tacticsBe diligent throughout shift and when on call to quickly response to cybersecurity alerts and be available for time sensitive responsesWork with key internal teams from Group CISO, Privacy Office, and Financial Crime Teams to support other investigations where there is a cyber elementAdapt to fast-paced environmentWhat you'll bringAt least 5 years of experience directly working in cybersecurity incident response, preferably in a large financial services institutionStrong incident response technical skills, knowledge of network protocols and network communication principles, understanding of vulnerabilities and remediation techniquesDemonstrated ability to analyze cybersecurity alerts to determine business impact and selecting containment and remediation activities that appropriate recoveryMaintain effectiveness of incident response tools, including EDR, SIEM, and SOAR, by identifying enhancement opportunities in configuration and alerting rules while practicing and improving practical skillsConduct detailed technical investigation of cybersecurity incidents and identified root causes including threat vector, technique and tactics.Demonstrated ability to establish effective working relationships and collaborative work approaches with both internal and external peersObtained or pursuing a recognized cybersecurity incident response or related certification, such as CISCP, OSCP, CIH, CHFI etc.Experience reviewing, analyzing, discussing, explaining, and reporting cyber threats and results.Strong interpersonal and communication skills, ability to respond to multiple incidents simultaneously and in a prioritized matter.Preferred candidates will also have experience in threat hunting OR threat intelligence OR forensics, in addition to cybersecurity incident response.What you’ll getCompelling rewards package including base compensation, eligibility for annual bonus, retirement savings, share plan, health benefits, personal wellness, and volunteer opportunities.Competitive vacation package with the option to purchase 5 extra days off per year.Employee driven programs focused on gender, LGBTQ+, origins, diversity, and inclusion.Corporate wellness programs to support our employees’ physical and mental health.Hybrid flexible work model.Please note that we may use AI tools to help us through the recruitment process. This is an existing position which has been posted both internally & externally.Aviva Canada has an accommodation process in place to provide accommodations for employees with disabilities. If upon commencement of employment you require a specific accommodation because of a disability, please contact your Talent Acquisition Partner so that an appropriate accommodation can be arranged. This process applies throughout your career with Aviva Canada.About the companyWe’re here to protect our 33 million customers from life’s unexpected twists and turns – freeing them from fear of uncertainty. We are one of only a few insurance companies in the world that can provide customers with life, general and health insurance, and asset management in one place – a composite insurer. And we have a unique competitive advantage. Whether we’re protecting them from everyday risks or helping them to save for the future, we put customers at the heart of all we do – creating a bright and sustainable future for our customers, employees and our communities. #J-18808-Ljbffr