Senior Incident Response Analyst (Gcs)

Job Summary

Job Description

WHAT IS THE OPPORTUNITY?

The role of the Senior Incident Response Analyst is to provide technical security expertise and support for the Incident Response team within the Cyber Security Operations Center (CSOC).

This is an important role supporting mission critical enterprise networks and IT services protection for City National Bank (CNB), a subsidiary of RBC.

This role will provide technical expertise and analysis to the proactive and reactive responses of information security threats against CNB’s global environment.

This role is also responsible for initial notification to CNB stakeholders, the CSOC Manager, and the technical specialists that are required to implement remediation actions.

The Senior Incident Response Analyst is responsible for coaching and mentoring, case review as well as challenge and verify adherence to Incident Response procedures.

This role will also maintain awareness of emerging/advanced threats and assist in driving efficient security solutions to address the evolving threat landscape.

This role partners with CNB CSOC & RBC leadership to further the organization's Intelligence-led Security and Resilient Services objectives.

WHAT WILL YOU DO?

• Global accountability to respond to critical security incidents, providing accurate and timely reporting to CSOC and Global Cyber Security (GCS) leadership
• Provide support for high risk security incidents impacting mission critical business and IT infrastructure, including supporting global incident management and response, remediation and reporting. 
• Provide post mortem reporting for leadership detailing security vulnerabilities, technology gaps, shortcomings or miscellaneous security issues.
• Collaborate with partner groups in the development of new detections, dashboards, process automations, and Standard Operating Procedures
• Develop, distribute and present technical findings with regards to threats, attack vectors and mitigation techniques including the creation and tracking of security metrics
• Responsible for working with stakeholders and extended teams to ensure global compliance to Enterprise standards with respect to security incidents and related findings.

WHAT DO YOU NEED TO SUCCEED?

Must have:

• Bachelor’s degree in Computer Science or related field, or equivalent experience
• Industry recognized certifications (ISC2, SANS, ISACA, etc..)
• Demonstrated experience performing investigation activities for security related events in a complex Incident Management or Security Operations Center environment.
• Strong platform knowledge including Microsoft Windows and Unix/Linux Operating Systems
• Thorough understanding of SIEM technology and security related controls (IDS/IPS, WAF, NDR/EDR, etc)
• Experience with malware analysis
• Thorough understanding of Security Information and Incident Management methodologies.
• Strong written and verbal communication skills
• Strong analytical and complex problem-solving skills
• Availability for rotating pager duty for holidays, after hours emergency support

Nice-to-have: 

• Experience with SOAR products
• Familiarity with Windows/Unix scripting languages (bash, python, regex, PowerShell, etc..)
• Strong Networking knowledge with TCP/IP packet level knowledge
• Knowledge of cybersecurity frameworks (Cyber Kill Chain, NIST, MITRE ATT&CK, etc..)

What’s in it for you?

We thrive on the challenge to be our best, progressive thinking to keep growing, and working together to deliver trusted advice to help our clients thrive and communities prosper. We care about each other, reaching our potential, making a difference to our communities, and achieving success that is mutual.
 

• A comprehensive Total Rewards Program including bonuses and flexible benefits, competitive compensation, commissions, and stock where applicable
• Leaders who support your development through coaching and managing opportunities
• Ability to make a difference and lasting impact
• Work in a dynamic, collaborative, progressive, and high-performing team
• A world-class training program in financial services
• Flexible work/life balance options
• Opportunities to do challenging work

#techpj

#LI-hybrid

Job Skills

Business Perspective, Critical Thinking, Decision Making, Detail-Oriented, Forensic Computing, Information Security Operation Center (ISOC), IT Incident Management, Problem Solving, Security Information and Event Management (SIEM), Threat Management

Additional Job Details

Address:

VANCOUVER MAIN BRANCH (B), 1055 GEORGIA ST W:VANCOUVER

City:

VANCOUVER

Country:

Canada

Work hours/week:

37.5

Employment Type:

Full time

Platform:

Technology and Operations

Job Type:

Regular

Pay Type:

Salaried

Posted Date:

2024-02-27

Application Deadline:

2024-03-29

Inclusion and Equal Opportunity Employment

At RBC, we embrace diversity and inclusion for innovation and growth. We are committed to building inclusive teams and an equitable workplace for our employees to bring their true selves to work. We are taking actions to tackle issues of inequity and systemic bias to support our diverse talent, clients and communities.
​​​​​​​
We also strive to provide an accessible candidate experience for our prospective employees with different abilities. Please let us know if you need any accommodations during the recruitment process.

Join our Talent Community
Stay in-the-know about great career opportunities at RBC. Sign up and get customized info on our latest jobs, career tips and Recruitment events that matter to you.
Expand your limits and create a new future together at RBC. Find out how we use our passion and drive to enhance the well-being of our clients and communities at jobs.rbc.com.

Career development, Competitive pay, Equity, Flex hours, Team events