
Senior Intrusion Response Analyst

Location: Vancouver, BC, CA

Closing Date: September 30, 2020

Maintaining a well-secured environment is crucial to ensuring that everyone goes home safely every single day. This role contributes substantially to that goal.

Together with the Cyber Security Incident Response Team (CSIRT) Manager, the Senior Intrusion Response Analyst will be committed to Digital Forensic & Intrusion Response, with a focus on host-based intrusions, and recognized as a specialist in the Digital Forensic and Incident Response domain.

 

Functional Overview:

  • Reactive Incident Management: conduct investigations and lead remedial activities to minimize impact and ensure the complete remediation of security incidents.
  • Pro-Active Incident Response: engage proactively in incident response threat hunting and threat emulation activities.
  • Threat Intelligence: remain apprised of current and emerging threats, ensuring a clear understanding of the threat landscape is maintained and recognized by all partners.
  • Education and Training: assist in the development and execution of training activities ensuring end-user awareness across multi-functional teams.
  • Projects: support other teams within IS as the security liaison providing security advisory services and ensuring security risks are identified proactively.

 

Responsibilities:

Forensics Incident Response

  • As the Tier-3 specialist, undertake a detailed investigation of technical incident responses and host-based forensic scanning.
  • Perform end-to-end incident response assessments for transactional security incidents.
  • Participate in an on-call rotation to provide after-hours support for issues and high severity incidents.
  • Conduct digital forensic investigations in the GCP and Azure cloud environments.

Threat Emulation

  • Participate in threat emulation, red-teaming or purple-teaming initiatives and documentation.
  • Evaluate the efficacy of security systems, incident response process, and mitigations.
  • Identify gaps in access points, tools, incident response data set, and processes.
  • Develop improvements and address gaps within defenses by continuously updating system workflows and processes as needed.

Threat Intelligence

  • Actively conduct research into any risks and threats required in the concept, design, and recommendation of appropriate countermeasures.
  • Ensure threat intelligence research is thoroughly catalogued and relevant via threat summary and issues reporting.
  • Provide and share IOCs from research to external parties such as the Mining & Metals ISAC (MM-ISAC) and Canadian Cyber Incident Response Center.

Threat Hunting

  • Participate in proactive, intelligence-initiated threat hunting initiatives.
  • Develop repeatable processes.
  • Analyze enterprise data sets for indicators of compromise.
  • Report, advance and remediate anomalous events.

Training / Security Awareness

  • Advocate for increased cyber security where required for the safe operation of the business.
  • Develop security training materials, plan, and deliver internal security training.

CSIRT Continuous Process Improvement

  • Participate in the creation, improvement, and updating of CSIRT processes.
  • Develop custom CSIRT tools, scripts and integrations that provide automation to tasks and increase IR capabilities.

Other

  • Other security team tasks and projects as assigned.

 

 

Qualifications:

  • Prior experience in the niche domain is desirable.
  • Previous experience with MS Azure is desirable.

 

 

At Teck, we value diversity. Our teams work collaboratively and respect each person’s unique perspective and contribution.

Qualified applicants interested in joining a dynamic team are encouraged to submit a resume and cover letter electronically.

We wish to thank all applicants for their interest and effort in applying for the position; however, only candidates selected for interviews will be contacted. Your application to this posting is deemed to be your consent to the collection, use and necessary disclosure of personal information for the purposes of recruitment. Teck respects the privacy of all applicants and the confidentiality of personal information.

Teck is a diversified resource company committed to responsible mining and mineral development with major business units focused on copper, steelmaking coal, zinc and energy. Headquartered in Vancouver, Canada, its shares are listed on the Toronto Stock Exchange under the symbols TECK.A and TECK.B and the New York Stock Exchange under the symbol TECK.

The pursuit of sustainability guides Teck’s approach to business. Teck is building partnerships and capacity to confront sustainability challenges within the regions in which it operates and at the global level. In 2019, Teck was named to the Dow Jones Sustainability World Index (DJSI) for the tenth straight year, indicating that Teck’s sustainability practices rank in the top 10 per cent of the world’s 2,500 largest public companies in the S&P Global Broad Market Index. 

 Learn more about Teck at www.teck.com or follow @TeckResources
