POSITION TITLE: IT Security Consultants (x4)
POSITION TYPE: Permanent - Full-time
LOCATION: Toronto, ON, Canada
COMPENSATION: Lucrative Base Salary - Based on experience
Our IT Solutions client is searching for IT Security Consultants who will perform under high pressure in a collaborative team environment. It is critical for Consultants to use extensive technical knowledge and skills obtained through education and experience to perform the necessary tasks related to driving the successful investigation of incidents and analysis projects to completion while ensuring the company meets the customer's goals. Consultants are to be skilled at communicating clear oral and written messaging on sensitive subjects from the CXO to the IT staff level.
Candidates applying must have strong skills in two of the following areas:
Computer Security Incident Response - Must be able to analyze output from various technologies in order to effectively investigate security incidents.
Applicants need to be able to determine not only the root cause and the damage caused, but also the methods utilized by the intruder, as well as the ongoing potential risk and exposure to the breached system and to the greater client environment. Candidates must be able to analyze event logs and system logs from Windows operating systems, Unix/Linux operating systems, Cisco PIX/switches/routers, and Wireshark/Ethereal network captures.
Malware Analysis - Experience performing forensic analysis of Windows systems to identify and evaluate malware related compromise artifacts (3+ years)
- Malware analysis and reverse engineering (3+ years)
- Experience in building sandbox/test lab environments to evaluate malicious code
- Ability to identify actionable indicators of compromise based upon analysis of malware or forensic data
- Scripting and programming experience (e.g., Python, Perl, C, C++, Java, Assembly Language, Shell Scripting)
- Strong research background and an analytical approach, especially with respect to event classification, event correlation, and root cause analysis preferred
Computer Forensics - Skilled in the use of Access Data's Forensic Toolkit and Guidance Software EnCase; 3+ years' experience requested. Candidates should have experience with both standalone and enterprise versions of forensic tools.
Candidates who support forensics are required to provide On-Call support and be able to travel on short notice. Candidates should be able to perform roles of evidence custodian, evidence collector, evidence imager, & evidence examiner. Candidates must be able to create ongoing process documentation for different investigation focuses as technology changes.
General Requirements - Be able to perform complex analytical tasks in high stress situations for extended periods of time. Candidates must be able to communicate with client executives up to CIO or CISO level. Candidates are required to carry a cell phone and provide 24/7/365 On-Call support for reported computer security incidents to a global client base. All candidates must be able to work 10-20% overtime. Candidates must be able to conduct service implementations for new clients. Ensure weekly and monthly reporting to client is performed. Assume ownership of escalated reported incidents and coordinate activities with Global Security Operations Center (GSOC) in support of incident investigations. Be able to clearly understand and articulate process and procedure documents within Incident Response, to security operations centers, account teams and client security organizations. Travel to client site or data centers may be required based on size and scope of the security incident.
- Has sufficient depth and breadth of technical knowledge to be individually responsible for the design and scope of deliverables within a field of expertise. Has led a small team in delivery of a specific deliverable.
- Has mastered at least one technical discipline with strong knowledge in at least three major technology areas. Possesses advanced level of business, technical, or functional knowledge.
- Has ability to perform/drive resolution of problems on combinations and interactions of products. Ability to apply technology and consulting to solve a client business problem.
- Able to communicate and present complex issues with assurance and confidence. Demonstrates the use of consulting skills including: questioning, listening, ideas development, permission and rapport, and influencing.
- Ability to conduct/lead oral status/technical interchange meetings with clients on small to medium sized engagements.
- Owns and produces customer documentation. Ability to translate technical details into concise and easy to understand written form. Ability to write relevant components of a proposal document (e.g. answer specific RFP questions). Ability to translate verbal requirements from face to face client meetings into requirements documents, statements of work, and proposals.
- Able to discuss (within own area of expertise) requirements with a customer, and to challenge and clarify when appropriate. From the requirements, able to develop a high level design or plan, and then estimate the amount of effort required to deliver. Able to advise the engagement owner about the risks associated with this work package.
- Ability to work with a team to provide written responses to technical proposals and/or reports/documentation for delivery.
Education & Experience:
- 5+ years of professional experience and a Bachelor of Arts/Science in computer science or information security; candidates without a degree must have three additional years of relevant professional experience (8+ years in total)
- Must hold at least one of the following: CISSP, MCSE 2003 or greater, Solaris Certified Administrator, Access Data Certified Examiner, EnCase Certified Examiner, Cisco CCNA, SANS GCFA or GCIH.
We thank all applicants for their interest; however, only those individuals whose skills closely match the position requirements will be contacted.