Job Specifications
Who are we?
At Finastra, we are a dynamic global provider of open finance software solutions, dedicated to expanding access to financial services. Our innovative applications span Lending, Payments, Treasury and Capital Markets, and Universal Banking. Proudly serving over 8,000 customers, including 45 of the world's top 50 banks, we aim to boost financial inclusion for all. Join us and be part of a vibrant company that embraces diverse perspectives and is committed to doing well by doing good.
About The Role
Finastra’s Cyber Security Operations team is at the front line of detecting, monitoring for and responding to cybersecurity incidents within the global infrastructure. The Security Operations Center Analyst will have a crucial role in defending the enterprise network from potential and active threats. You will be agile, willing to learn and able to think outside of the box in order to operate effectively in a dynamic threat landscape. You will have the opportunity to work with cutting edge tools to monitor and defend the enterprise and customers from a wide array of cyber threats.
Responsibilities & Deliverables
As a Security Operations Center Analyst, your deliverables will include, but not limited to, the following:
Providing first level response for security events including but not limited to intrusion detection, malware infections, denial of service attacks, privileged account misuse and network intrusions.
Following defined workflow and processes for threat remediation and escalation/handoff where required.
Utilizing a variety of cloud-based and on-premises security tools and techniques to proactively analyze suspicious events, network anomalies and other potential threats to determine validity, impact, scope and recovery options.
Using automated malware analysis tools to determine threat impact and taking actions appropriately.
Support and administration of security tools and platforms in diverse, cloud-based and on-premises environments.
Configuring and monitoring Security Information and Event Management (SIEM) platform for security alerts. Integrate and work with the firm’s Managed Security Services Provider (MSSP) services
Improving the service level for security operations and monitoring. Creating and maintaining system documentation for security event processing. Expanding the usage of security monitoring tools to improve the security of the environment based on business use cases or changes in threat landscape, root causes from security incident response, or output from security analytics
Required Skills & Experience
Four or more years of relevant work experience.
Experience in an Operations Center (SOC/NOC) / monitoring environment.
Experience working with SIEM technologies (e.g., ArcSight, QRadar, Splunk, Azure Sentinel, etc.) or Managed Security Service Providers (MSSP).
Experience with threat monitoring procedures.
Demonstrable knowledge of threats, attacks, logs, operating systems and security technology (firewalls, anti-malware, proxies, etc.)
Cybersecurity experience in the financial industry.
Knowledge and understanding of cyber risks and security issues in cloud-based and on-premises environments
Knowledge of cyber security techniques, platforms and technologies (Enterprise Antivirus, IDS, deep packet inspection and host/network threat analysis).
Knowledge of networking (including the OSI Model, TCP/IP, DNS, HTTP, SMTP), system administration and/or security architecture.
Knowledge of common enterprise Operating Systems (Windows 10, Windows Server, Linux, etc.)
Knowledge of the fundamentals of mobile platforms: iOS, Android.
Excellent verbal and written communication skills.
Strong troubleshooting skills.
Ability to work well both independently and in a highly collaborative environment.
Ability to manage multiple priorities in a high pressure environment.
Effective organizational skills.
Education/Certifications
Bachelor's degree from an accredited college or university, or equivalent experience. A degree in Computer Science, Computer/Data Systems Management or a related field or discipline is preferred but not required.
Certification in one or more of the following areas is desired but not required: GIAC Security Essentials Certification (GSEC), GIAC Certified Intrusion Analyst (GCIA), GIAC Certified Enterprise Defender (GCED), GIAC Certified Windows Security Administrator (GCWN), GIAC Certified UNIX Security Administrator (GCUX), GIAC Continuous Monitoring Certification (GMON), GIAC Certified Perimeter Protection Analyst (GPPA), GIAC Certified Detection Analyst (GCDA), Certified Information Security Professional (CISSP)
Additional Details
Business address & location of work: 5995 Avebury Rd, 2nd floor, Mississauga, Ontario, L5R 3P9
Terms of employment: Permanent
Hours of work: 7.5/day & 37.5/week
Language of work: English
Compensation offered: Salary range - $99,000 - $101,800+ 10% annual target bonus
Benefits offered: Medical, Dental & Vision, life insurance, retire