As the fastest growing online brokerage in Canada, Questrade is committed to helping Canadians become much more financially successful and secure. Our vision is to revolutionize financial services by offering the most innovative and cost efficient financial services – including banking.
Questrade is home to a unique environment, where our culture thrives and, most importantly, we get stuff done! Questrade is continuing with its digital transformation initiative, and our infrastructure footprint is growing beyond our data centers and into the Google Cloud Platform, on an exciting strategy that is driven by business value.
Join us to help leverage the data we have, as we solve exciting challenges such as building out new models, algorithms and solving complex business problems to grow and deliver customer-centric solutions in a multi-product/multi-channel financial services environment.
What’s it like working as a Junior SOC Specialist, Incident Response, at Questrade?
Your contribution delivering sustainable and measurable results in the following areas will be very important:
Identifying and responding to cyber threats - safeguarding our company's infrastructure and data. You will be primarily involved in supporting the alert development cycle, triaging and investigating alerts, assisting with the incident response lifecycle (investigation, containment, eradication, and recovery) and collecting and tracking metrics for reporting. You will be working alongside internal customers and our vendor support teams to ensure we are utilizing our security tools in accordance with corporate policies and growing business needs. You will work closely with Cybersecurity and IT teams to align priorities and execute plans for new initiatives, as well as contribute to process improvements and build documentation for new tools.
Need more details? Keep reading...
You will:
- Monitor, analyze and report possible cybersecurity attacks.
- Assist senior analysts with investigations and escalate findings as needed.
- Investigate and perform analysis of threat indicators.
- Gather indicators of compromise and any relevant data to use with threat hunting activities.
- Leverage security tools (Elastic, CrowdStrike and more) for analysis to identify malicious activities.
- Analyze identified malicious activity to determine Tactics, Techniques and Procedures.
- Assist with research and analysis, and correlate gathered data from various resources to determine the impact of the incident.
- Execute containment and eradication actions under guidance, following established playbooks.
- Participate in on-call and hands-on scheduled shift rotations, including outside of business hours.
- Support Security Incident Response and investigation alongside internal teams and 3rd party providers.
- Document incident timelines, evidence, and actions taken for post-incident review.
- Participate in post-incident reviews and contribute to lessons-learned reports.
- Follow and contribute to incident response playbooks and runbooks.
- Participate in tabletop exercises and IR simulations.
- Assist with proactive security investigation and searches on corporate environments to detect malicious activities.
- Maintain up-to-date understanding of security threats, countermeasures, security tools, cloud security and SaaS technologies.
- Maintain technical proficiency through training, keeping up with industry best practices, and security frameworks.
- Escalate investigation findings and security concerns to senior team members.
- Contribute to tracking SOC operational metrics (MTTD, MTTR, alert fidelity).
So are YOU our next Junior SOC Specialist, Incident Response? You are if you have…
- 1+ years of relevant experience in performing Cybersecurity Incident Response and Threat Hunting activities.
- Familiarity with detection rules and alert logic.
- Exposure to security tool integrations and basic understanding of SOAR concepts.
- Familiarity with investigations and incident response using EDR tools such as CrowdStrike Falcon and SIEM tools such as Elastic Security (KQL, ESQL, Timeline analysis).
- Basic understanding of forensic triage (disk, memory, network) and multiple operating systems (Mac, Linux, Windows).
- Familiarity with SOC processes, playbooks, and incident reports.
- Ability to communicate clearly and work effectively under pressure.
- Basic understanding of programming and scripting concepts.
- Basic understanding of NIST Cybersecurity Framework, MITRE ATT&CK.
- Basic understanding of security products and device monitoring tools including Firewalls, IDS/IPS, Phishing and e-mail security, content filtering, DDoS, WAF, and more.
Brownie points if…
- GSEC, Security+, CySA+, CSA, CEH or similar relevant certifications.
Sounds like you? Click below to apply!
At Questrade Group of Companies, with multiple office locations around the world, we are committed to fostering a diverse, inclusive and accessible work environment. We value the unique skills and experiences each individual brings, and believe that when our teams feel supported and motivated, their creativity becomes a source of innovation. We are also committed to creating and sustaining a collegial work environment in which all individuals are treated with dignity and respect and also one which reflects the diversity of the communities we serve and operate in to help us revolutionize financial services for the benefit of all of our customers.
Candidates selected for an interview will be contacted directly. If you require accommodation during the recruitment/selection process, please let us know and we will work with you to meet your needs.