Technical Lead

IT - Systems Integration
Oakville, ON
Permanent
Oct 22, 2020

As a Technical Lead, you will be responsible for providing exceptional service to customers. Working in close partnership with leadership, you will lead a Threat Hunting team, ensuring that customer Managed Detection and Response (MDR) services are delivered to the highest standards. You will support the execution of threat event lifecycle management, Threat Hunting, and Threat Intelligence activities. You will provide 2nd level support to the Threat Hunting team and act as an escalation point for both the internal team and customers. You will interface with the Cyber Research & Response team when security events require escalated remote incident response support, to support Threat Intelligence activities, and to collaborate on Lab discovery work. You will support customer communications, including recurring and ad hoc customer calls, operational reviews, and quarterly executive debriefs.

Position Responsibilities:

  • Manage a C3 Threat Hunting team (direct reports)

  • Lead the delivery of Managed Detection & Response (MDR) service processes, including threat event lifecycle management, Threat Hunting, and Threat Intelligence activities

  • Provide escalated event and incident support to the C3 Threat Hunting team and actively execute Threat Hunting activities in customer environments

  • Support the implementation and maintenance of Threat Intelligence practices, including IOC integration into MDR services and providing customer-specific tactical and C-Level threat intelligence briefs

  • Develop, execute, and train staff on MDR service threat triaging, Threat Hunting, and Threat Intelligence processes

  • Enforce standards and processes to ensure high quality MDR service delivery (e.g. case management standards)

  • Work closely with the Cyber Research & Response team to ensure timely escalation and support for remote incident support engagements

  • Support customer service communications, including operational and executive level meetings and reporting

  • Identify, develop, communicate and implement process improvements to streamline C3 practices and enhance the customer experience

Qualifications:

  • Minimum of 3 years of IT security related work experience required

  • College Diploma or University Degree, preferably in technology, required

  • Strong technical experience in the implementation and maintenance of security processes, including threat event lifecycle management, Threat Hunting, and Threat Intelligence activities

  • Strong technical expertise with security operations technologies including but not limited to SIEM, EDR, Threat Intelligence, and SOAR platforms

  • Experience with some of the following technologies preferred:

    • Splunk, Azure Sentinel, SentinelOne, CrowdStrike, Microsoft Defender ATP

  • Experience working with security operations teams required

  • Familiarity with Agile methodologies such as Lean, Scrum and Kanban preferred
