Security Analyst, Incident Response

Job Description
What is the opportunity?
You will be a key member of the RBC Global Security Incident Response team as an experienced Security Analyst. This is a key role within the Global Security Operations Centre (GSOC). You will be providing technical expertise and leadership support to the proactive and reactive responses to cyber threats targeting RBC's global environment. You will report to the Senior Manager, Incident Response and works with a team of 4-6 technical specialists. You will act as the focal point of contact for GSOC management with regards to security incidents. You will support local and extended team members with critical incidents impacting RBC users, systems, infrastructure, and resources.

RBC's expectation is that all employees and contractors will work in the office with some flexibility to work up to 1 day per week remotely, depending on working arrangements.
What will you do?

• Global accountability to respond to critical security incidents/events providing accurate and timely reporting to Global Cyber Security Leadership.
• Provide 7/24/365 support for security incidents impacting mission critical business and IT infrastructure, including supporting global incident management and response, remediation and reporting.
• Support and maintain communication with Computer Security Incident Response Team (CSIRT) extended team members ensuring timely communication to all stakeholders regarding incident response activities.
• Provide post mortem reporting for leadership detailing security vulnerabilities, technology gaps, shortcomings or miscellaneous security issues.
• Responsible for working with threat intelligence, Security Operations Centre and extended teams to ensure global compliance to RBC standards with respect to security incidents and related findings.
• Responsible for driving to resolution security incidents in a timely and effective manner.
• Work collaboratively with Cybersecurity Command Centre technical analysts, specialists and management to detail and report on the status and resolution of critical incidents.
• Execute incident response actions and engage with business/technical stakeholders.

What do you need to succeed?
Must-have

• Bachelor's degree in computer sciences and/or IT related disciplines and Certifications in information security preferred (one or more of the following; CISSP, GCIA, GCIH, GREM, CEH).
• Demonstrated experience performing investigation activities for security related events in a complex Incident Management or Security Operations Center environment.
• Thorough understanding of Security Information and Incident Management methodologies.
• Proven experience in a SOC environment
• Exposure to malware and sandbox analysis
• Robust computer networking & OS knowledge

Nice-to-have

• Experience with SOAR platforms
• Familiarity with threat hunting techniques and scenarios
• Knowledge in detection engineering
• Understanding of current threat landscape and threat actor TTPs
• Experience with scripting languages (PowerShell, python, regex, bash, etc.)
• Industry recognized certifications from ISC2, SANS, ISACA, etc.

What is in it for you?
We thrive on the challenge to be our best - progressive thinking to keep growing and working together to deliver trusted advice to help our clients thrive and communities prosper. We care about each other, reaching our potential, making a difference to our communities, and achieving success that is mutual.

• Help to develop the ethos and environment of a new team.
• Leaders who will support your development through coaching and managing opportunities
• Have the opportunities to work with the best in the field
• Ability to make a difference and lasting impact
• Work in a dynamic, collaborative, progressive, and high-performing team

Agency Notice
RBC Group does not accept agency resumés. Please do not forward resumés to our employees, nor any other company location. RBC Group only pay fees to agencies where they have entered into a prior agreement to do so and in any event do not pay fees related to unsolicited resumés. Please contact the Recruitment function for additio
nal
details.
Job Skills
Business Perspective, Critical Thinking, Decision Making, Detail-Oriented, Forensic Computing, Group Problem Solving, Information Security Operation Center (ISOC), IT Incident Management, Security Information and Event Management (SIEM), Threat Management

Additional Job Details
Address:
100 BISHOPSGATE:LONDON

City:
London

Country:
United Kingdom

Work hours/week:
35

Employment Type:
Full time

Platform:
TECHNOLOGY AND OPERATIONS

Job Type:
Regular

Pay Type:
Salaried

Posted Date:

Application Deadline:

Note
:
Applications will be accepted until 11:59 PM on the day prior to the application deadline date above
I
*nclusion*
and Equal Opportunity Employment
At RBC, we believe an inclusive workplace that has diverse perspectives is core to our continued growth as one of the largest and most successful banks in the world. Maintaining a workplace where our employees feel supported to perform at their best, effectively collaborate, drive innovation, and grow professionally helps to bring our Purpose to life and create value for our clients and communities. RBC strives to deliver this through policies and programs intended to foster a workplace based on respect, belonging and opportunity for all.

Join our Talent Community
Stay in-the-know about great career opportunities at RBC. Sign up and get customized info on our latest jobs, career tips and Recruitment events that matter to you.

Expand your limits and create a new future together at RBC. Find out how we use our passion and drive to enhance the well-being of our clients and communities