Current jobs related to Incident Handler, Soc - Waterloo - eSentire

  • Security Operations Centre Incident Responder Ii

    1 week ago

    Waterloo, Canada BlackBerry Full time

    Worker Sub-Type: Regular **Job Description**: **Responsibilities**: - Act as the security incident handler for high-impact cyber security incidents - Assist with collection and handling of evidence - Determine if critical systems have been impacted and advise on remediation and recovery options - Coordinate with junior team members during triage and...

  • SOC Analyst I

    4 days ago

    Waterloo, Canada eSentire Full time

    About eSentire Founded in 2001, the company’s mission is to hunt, investigate and stop cyber threats before they become business-disrupting events. Combining cutting-edge machine learning XDR technology, 24/7 Threat Hunting, and proven security operations leadership, eSentire mitigates business risk and enables security at scale. The Team eSentire...

  • Material Handler

    2 days ago

    Kitchener-Waterloo, Canada B&W Retail Full time

    **Material Handler** **Primary Objectives**: - Work with team leader in correctly identifying and receiving all product into the building - Ensure that all safety standards are met and exceeded - Demonstrate personal responsibility and accountability daily with regard to attitude, job performance, professionalism and commitment to continuous development -...

  • Director of Hospitality

    6 days ago

    Waterloo, Canada Schlegel Villages Inc. Full time

    **The Village at University Gates, located in Waterloo, Ontario has an exciting opportunity for a Director of Hospitality to join their village team.** **Our new Director of Hospitality will meet the following criteria**: - Experience in working in a customer service driven environment while leading a large hospitality team in multiple dining areas -...

  • Cyber Security Analyst

    6 days ago

    Waterloo, Canada Venuiti Full time

    **Cyber Security Analyst** **Location: Remote, Ontario Canada** **Position Type: Full-time** **Company Overview**: We are looking for a CyberSecurity Specialist to contribute to our project about digital pathology solutions that are transforming the medical imaging landscape. The advanced tools and platforms improve case reviews, enable remote...

  • Threat Intelligence Analyst

    16 hours ago

    Waterloo, Canada eSentire Full time

    About eSentire eSentire is on a mission to hunt, investigate and stop cyber threats before they become business disrupting events. We were founded on the premise that if you can’t find a solution, you build it. Entrepreneurship and innovation are in our DNA. Our culture is based on transparency, teamwork, and continuous innovation. The...

  • Junior Network Administrator

    2 weeks ago

    Waterloo, Canada Heartland Farm Mutual Inc. Full time

    Located in Ontario and Nova Scotia, Heartland Mutual Insurance strives to be the Best Mutual. Our team of talented and dedicated professionals challenge the norm and strive to be extraordinary. It’s all about fulfilling our promise with a personal approach. With our team, you’ll bring this purpose to life every day by living our values, being open to...

  • Junior Network, Cloud, and Security Administrator

    1 week ago

    Waterloo, Canada Heartland Mutual Insurance Full time

    Located in Ontario and Nova Scotia, Heartland Mutual Insurance strives to be the Best Mutual. Our team of talented and dedicated professionals challenge the norm and strive to be extraordinary. It’s all about fulfilling our promise with a personal approach. With our team, you’ll bring this purpose to life every day by living our values, being open to...

  • Technical Account Manager

    2 days ago

    Waterloo, Ontario, Canada eSentire Full time

     Position Overview We are seeking a highly skilled and proactive Technical Account Manager (TAM) to join our Strategic Account Management (SAM) team in the Managed Detection and Response (MDR) Cybersecurity industry. The TAM will serve as the primary technical advisor for strategic accounts, ensuring the successful deployment, integration, and optimization...

  • Ruby Restaurant Chef

    6 days ago

    Waterloo, Canada Schlegel Villages Full time

    **Our Village at University Gates has an exciting opportunity for a Chef to join our Team.** **You can be you while being a part of our family.** At Schlegel Villages we are redefining elder care through innovation, Village design and culture change, but we know the key to our Village success, and our residents’ satisfaction, is YOU and our teams. We...

Incident Handler, Soc

2 weeks ago

Waterloo, Canada eSentire Full time

About eSentire
eSentire is on a mission to hunt, investigate and stop cyber threats before they become business disrupting events. We were founded on the premise that if you can’t find a solution, you build it. Entrepreneurship and innovation are in our DNA. Our culture is based on transparency, teamwork, and continuous innovation.
Role Overview
The Incident Handler reports to the SOC Incident Handling Manager as part of the Incident Handling team to help support eSentire SOC operations during incident/breach situations. This role is the resource who takes part directly in IH activities and directly interfaces with eSentire’s Incident Response (IR) team. The primary focus of this role will be to get to resolution of incidents when a customer is handling a confirmed security incident and is in general alignment with the SOC and IR departments and company goals.
This individual is expected to be able to effectively manage highly technical investigations and support the delivery of meaningful, accurate results for both internal and external customers in a dependable and targeted manner. Time management and in-depth knowledge of all internal and many external products and services are imperative to success. Attention to detail is critical during incidents and post-incident discussions.

**Responsibilities**:

- Be part of a team of incident handler experts during active incidents and help to coordinate efforts with internal or external IR teams.
- Block/disrupt malicious network traffic, isolate infected hosts on customer networks, and perform other remediation actions using internal and third-party tools.
- Assist with coordinating resources during a customer incident to ensure proper handling.
- Serve as a dedicated technical point of contact during an incident to offer a consistent experience for customers during high-stress events.
- Provide high level summaries of incidents that can be tailored for multiple non-technical audiences.
- Handle complex security incidents to deliver incident reports and/or after-action reviews.
- Prioritize criticality of internal and external requests based on potential impact to customer environments or satisfaction.
- Join internal projects and initiatives to increase SOC efficiency and improve SOC tooling, working cross functionally with other internal teams as a stakeholder for the Service Delivery Organisation.
- Review and audit various SOC investigations and processes, following up with analysts and customers, as necessary.
- Support and mentor analysts in advanced investigations.
- Delegate resources during incidents that affect a large portion of the customer base to reduce overhead and coordinate team efforts.
- Ability to convey customer requirements to Product and Account Management.
- Represent the SOC in various stages of development of products and services, ensuring internal accountability and visibility.
- Identify gaps in processes and procedures, defining solutions, escalating to appropriate teams, and supporting implementation to promote consistency in service delivery.
- Attend or lead periodic security reviews with customers as required.
- Provide technical input on Security Advisories on behalf of the organization.

**Requirements**:

- Relevant degree in Computer Science, IT Security, IT Management, IT Support, or related discipline. Completed course must include a strong focus on networking and security.
- 5+ years’ full-time experience in a Security Operations Centre or similar Cyber Security Analysis role excluding time spent on an intern or work experience program.
- Hands on experience in at least two of the following Security domains:

- Network Security including Intrusion Detection Systems (IDS)
- Windows Endpoint Security, using EDR products such as VMware Carbon Black Response/Threat Hunter, CrowdStrike Falcon, SentinelOne or Microsoft Defender for Endpoint.
- SIEM/Log Management, using products such as SumoLogic, Splunk or similar
- Knowledge and experience of network and endpoint security technologies including:

- Snort and Suricata rules
- Packet Capture (PCAP) analysis using Wireshark.
- Windows Sysinternals tools
- Usage of Linux and navigating a terminal
- Basic scripting (Bash/Python/PowerShell) knowledge
- Analytical mind with strong attention to detail and a commitment to quality of service
- Strong customer facing written and verbal communication skills with the ability to effectively communicate complex security concepts with end customers.
- Demonstrated experience to confidently handle escalated customer issues, diffuse challenging situations and deliver an optimal customer experience.
- Natural ability to thrive in a fast-paced and time sensitive environment.
- Ability to work in an operational/shift-based environment with flexible working hours to include evenings and weekends.
- Industry Certificates such as CompTIA Network/Security+, OSCP, CCNA CyberOps, CASP or other similar industry standard certifications.
- Confident deci