Security Analyst, Triage and Monitoring in City of London

What is the opportunity?

You will be a key member of the Threat Monitoring and Triage team as an experienced Security Analyst. You will provide technical expertise and leadership support to proactive and reactive responses to cyber threats targeting RBC\'s global environment. You will focus on performing first line investigation and response actions, including the triaging of security detections and escalation of security incidents. You will also be responsible for maintaining awareness of emerging and advanced threats, and driving efficient security solutions to address the evolving threat landscape. This position will partner with Global Cyber Security (GCS) stakeholders and leadership to achieve the organisation\'s Intelligence-led Security and Resilient Services objectives.

RBC’s expectation is that all employees and contractors will work in the office with some flexibility to work up to 1 day per week remotely, depending on working arrangements.

What will you do?

• You will respond to and investigate complex security detections across multiple environments and technologies in a timely manner
• Provide 7/24 support (rotational basis) for high severity incidents escalated from security vendors, security partners and the business
• Perform technical investigation and triage activities of security alerts based on potential impact and risk to the organization
• Escalate confirmed threats to SOC management and the Incident Response team as required based on criticality
• Maintain awareness of detection trends and alert metrics in order to enhance our security controls and overall defensive strategy
• Derive insights from day-to-day cyber investigations to identify security gaps and improve the organization\'s security posture
• Partner with detection engineers to enhance security monitoring rules and reduce false positive alerts
• Assist in the proactive hunting of unknown threats and suspicious activities within the environment as required

What do you need to succeed?

Must-have

• Bachelor’s degree in computer sciences and/or IT related disciplines and Certifications in information security preferred (one or more of the following: CISSP, GCIA, GCIH, GREM, CEH)
• Proven experience in a SOC environment
• Significant experience in performing investigation and triage activities of security events
• Exposure to malware and sandbox analysis
• Robust computer networking & OS knowledge

Nice-to-have

• Experience with SOAR platforms
• Familiarity with threat hunting techniques and scenarios
• Knowledge in detection engineering
• Understanding of current threat landscape and threat actor TTPs
• Experience with scripting languages (PowerShell, Python, regex, bash, etc.)
• Industry recognized certifications from ISC2, SANS, ISACA, etc.

What is in it for you?

We thrive on the challenge to be our best - progressive thinking to keep growing and working together to deliver trusted advice to help our clients thrive and communities prosper. We care about each other, reaching our potential, making a difference to our communities, and achieving success that is mutual.

• Help to develop the ethos and environment of a new team.
• Leaders who will support your development through coaching and managing opportunities
• Have the opportunities to work with the best in the field
• Ability to make a difference and lasting impact
• Work in a dynamic, collaborative, progressive, and high-performing team

Agency Notice

RBC Group does not accept agency résumés. Please do not forward résumés to our employees, nor any other company location. RBC Group only pay fees to agencies where they have entered into a prior agreement to do so and in any event do not pay fees related to unsolicited résumés. Please contact the Recruitment function for additional details.