Cyber Security Specialist

We are banking at another level.

Choosing BDC as your employer means working in a healthy, inclusive, and skilled workplace that puts forward the best conditions to bring together unique teams where employees are empowered to act. It also means being at the centre of ambitious economic and financial projects to see further and to do things differently, to fuel the success of Canadian entrepreneurs.

Choosing BDC as your employer also means:
- Flexible and competitive benefits, including an Employee Savings and Investment Plan where BDC matches part of your voluntary contributions, a Defined Benefit Pension Plan, a $750 wellness and health care spending account, to name a few- In addition to paid vacation each year, five personal days, sick days as necessary, and our offices are closed from December 25 to January 1- A hybrid work model that truly balances work and personal life- Opportunities for learning, training and development, and much more...

POSITION OVERVIEW

This critical role requires a detailed understanding of cyber security and in-depth knowledge of endpoint and computer networking fundamentals, Cloud technologies in the context of logging, observability, and detection engineering know-how to protect such assets.

The role will drive the creation and execution of plans for the deployment, ongoing orchestration and operationalization of cyber security services and products with focus Splunk and Splunk SE detection engineering. The CYBER SECURITY Specialist will help develop and maintain key relationships with internal and external cyber security entities and be operationally focused on the defense of BDC’s network and assets while strategically positioning the organization in preparation for increasing complexity and emerging threats.

As a Detection Engineer, you will play a crucial role in designing, implementing, and maintaining detection strategies using Splunk Enterprise, Splunk ES (Enterprise Security), and Splunk SOAR (Security Orchestration, Automation, and Response)

Your main tasks will be driven will be detections and detection mechanisms that provide comprehensive coverage of both known and unknown threats. The responsibilities involve writing structured queries against large datasets of endpoint and network telemetry, as well as building custom threat detection tooling and frameworks. We encourage the continual practice of adversary emulation to identify novel detections as well as validate the effectiveness of our threat detection posture.

CHALLENGES TO BE MET- Drive and lead deployment, ongoing orchestration and operationalization of cyber security services and products with focus Splunk and Splunk SE to drive implementation of new Threat Detection Controls within the framework of a threat-informed defense strategy.- Lead the design and execution of the enterprise security operations processes, procedures, and playbooks as it pertains to cyber services such as SIEM, Splunk, EDR, CSPM, CWPP, Containers as well as other in-house developed services.- Keep abreast with new technologies in the Cyber space with the goal of enhancing BDC cyber posture.- Lead and manage technical aspects of BDC’s cyber technology providers to make sure BDC Cyber tech stack is providing all the necessary detective protections.- Define and maintain the roadmap of program and technology changes being driven by the internal needs and IT projects as well as new developments on the providers’ side.- Manage detection engineering security operations projects, including process improvement and technology investment.- Maintain relationships with external sources of information security information that can be used to manage our security program.- Research trends in new security threats, technologies; advise and train team members to maintain awareness.- Work closely with other teams to provide mitigation recommendations to reduce the overall security risk within the organization.- Provide suggestions and feedback to improve the overall capabilities of the BDC Security team.- Monitor cyber tooling output and conduct spot checks for accuracy.- Conduct research within the fields of Security Observability, EDR, Cloud and Container security to develop new strategies against threats.- Respond to monitoring alerts according to defined playbooks and procedures.- Participate in Post Incident Reviews and discussions.- Enhance playbooks and procedures to improve security posture and reduce noise.- Experience with one or more scripting languages, such as Python, Bash in the context Splunk SE and SOAR- Creating and updating rules and signatures for automated threat detection.- As needed, integrating various tools and technologies to form a coherent detection infrastructure.- Monitor and analyze security logs and events to identify and respond to security incidents.- Stay current with industry trends, emerging threats, and new technologies to ensure the effectiveness of the detection and response capabilities.- Engage wi