KITCHENER, ON, Canada
4 days ago
Security Developer 4-Canada

Responsibilities:
• Performing investigation of escalated notable events
• Initial collection of evidence related to escalated security events
• Collection of evidence related to compliance audits
• Validation and regular review of processes and procedures
• Identification, escalation, and follow-up of false positives
• Perform initial mitigation and containment procedures
• Create and maintain reporting related to security events
• Coordinate with service and operations teams to validate security events and anomalous activity
• Resolve and report on possible causes of security events and alerts
• Operate security tools for continual monitoring and analysis of system/network activity to identify malicious activity
• Assist in the construction of security alerts and processes based on knowledge gained from daily monitoring and triage
• Advise designated managers and responders of suspected cyber incidents, including the event's history, status, and potential impact
• Monitor external data sources to maintain basic knowledge of threat conditions
• Recognize a possible security violation and take appropriate action to raise the incident, as required

Knowledge
• Solid grasp of:
    • Computer networking concepts and protocols, and network security methodologies
    • Host/network access control mechanisms
    • Intrusion detection methodologies and techniques
    • How traffic flows across the network (TCP/IP, OSI, ITIL)
    • System and application security threats and vulnerabilities
    • Types of network communications (LAN, WAN, MAN, etc.)
    • File extensions (.zip, .sh, .pcap, .bat, .dll, .py, etc.)
    • Interpreted and compiled computer languages
    • Common attack vectors
    • Attack classes (passive, active, insider, distributed, etc.)
    • Incident response and handling methodologies
    • Authentication, authorization, and access control methods
    • Information technology (IT) security principles and methods
    • Network traffic analysis methods
    • Operating systems
    • Cyber attackers
    • Defense-in-depth principles
    • System administration, network, and operating system hardening techniques
    • Cyber attack stages
    • Network security architecture concepts
    • Windows/Unix ports and services
    • Operating system command-line tools
    • Network protocols
• Working knowledge of cyber threats and vulnerabilities
• Understanding of security events related to:
    • Operating system (Linux and Windows) logs
    • Database logs
    • VPN logs
• Knowledge of adversarial tactics, techniques, and procedures
• Understanding of the use of the following:
    • Network tools (ping, traceroute, nmap, etc.)
    • Host-based tools (Tanium, basic Linux and Windows native tools)
    • SIEM (Splunk, ELK, Lumberjack, Splunk Enterprise Security, etc.)
• Understanding of cybersecurity and privacy principles and related organizational requirements

Skills
• Detecting host- and network-based intrusions via intrusion detection technologies
• Using protocol analyzers
• Recognizing and categorizing types of vulnerabilities and associated attacks
• Reading and interpreting signatures
• Conducting trend analysis
• Evaluating information for reliability, validity, and relevance
• Identifying cyber threats that may jeopardize the organization's and/or partners' interests
• Preparing and presenting briefings
• Providing analysis to aid in writing phased after-action reports
• Using Boolean operators to construct simple and sophisticated queries
• Using multiple analytic tools, databases, and techniques
• Using multiple search engines (e.g., Google, Yahoo, LexisNexis, DataStar) and tools in conducting open-source searches
• Applying virtual collaborative workspaces and/or tools (Zoom, JIRA, Confluence, Oradocs, Slack, etc.)
• Performing packet-level analysis
• Using a SIEM to detect, research, and perform initial triage of security events
• Exercising good judgment in escalating security events

Abilities
• Think critically
• Think like threat actors
• Apply techniques for detecting host- and network-based intrusions using intrusion detection technologies
• Interpret the information collected by network tools
• Recommend analytic approaches or solutions to problems and situations for which information is incomplete or for which no precedent exists
• Effectively collaborate with virtual and remote teams
• Evaluate information for reliability, validity, and relevance
• Exercise judgment when policies are not well-defined
• Function reliably in a dynamic, fast-paced environment
• Function in a collaborative environment, seeking continuous consultation with other analysts and guides, both internal and external to the organization, to demonstrate analytical and technical expertise
• Recognize and mitigate cognitive biases that may affect analysis

Other Requirements and Expectations
• Other tasks and duties as assigned
• Work effectively within a remote team, including effective, constant, and collaborative communication with all members of the NSGBU SOC

Career Level - IC4