Job Summary
Job Description
What is the Opportunity?
The role of the Senior Security Detection Engineer is to provide specialized subject matter expertise for the Detection Engineering & Onboarding (DEO) team, for RBC's Global Cyber Security.
This is a key technical role supporting mission critical enterprise network security operations and IT services protection.
This role will drive development using automation to new or existing use cases to reduce the overall mean time to detect and respond to incidents.
This role will be based in Vancouver to best support our US subsidiary, City National Bank (CNB).
With your proven experience, collaboratively lead our CNB / RBC technology and application partners to develop and implement mission critical cyber use cases for security monitoring supporting security operations and Security Operations Centre capabilities.
What will you do?
Provide global accountability to provide technical and subject matter expertise supporting cyber uses cases developed from security systems and infrastructure for security monitoring.
Work with CNB / RBC technology and / or application partners (Cybersecurity, Technology Infrastructure, SOC) to develop and strengthen use cases for continuous security monitoring.
Develop runbooks for those use cases that align with security operations processes and streamline the incident investigation and response tasks.
Work with Defensive Threat Operations Correlation Engineering to facilitate log ingestion and use case development in our SIEM platforms.
Periodically review use case library, perform attestation on existing use cases, participate in tuning discussions / activities and provide improvement recommendations where necessary / possible.
Develop and maintain lines of communication with various security groups, Security Operations Centre leadership and technology stakeholders
Develop processes to support a maturing program
Provide operational metrics and reports as needed
What do you need to succeed?
Must have :
Educational background in IT, Engineering, Cybersecurity and / or equivalent relevant experience
Demonstrated technical leadership ability
In-depth understanding of Security Operations and Security Technologies, with previous experience working in a SOC environment
Understanding of common exploitation techniques and awareness of new threats
Strong analytical and complex problem-solving skills
Expert understanding of SIEM technology and operations
Strong Networking and Enterprise IT Infrastructure knowledge with TCP / IP packet level knowledge
Nice-to-have :
Strong platform knowledge including Microsoft Windows and Unix / Linux Operating Systems
Strong knowledge of cloud platforms and cloud security
What's in it for you?
We thrive on the challenge to be our best, progressive thinking to keep growing, and working together to deliver trusted advice to help our clients thrive and communities prosper.
We care about each other, reaching our potential, making a difference to our communities, and achieving success that is mutual.
A comprehensive Total Rewards Program including bonuses and flexible benefits, competitive compensation, commissions, and stock where applicable
Leaders who support your development through coaching and managing opportunities
Ability to make a difference and lasting impact
Work in a dynamic, collaborative, progressive, and high-performing team
A world-class training program in financial services
Flexible work / life balance options
Opportunities to do challenging work
techpj
LI-hybrid
LI-post
Job Skills
Cloud Software, Communication, Cross-Departmental Collaboration, Cyber Operations, Cyber Security Management, Decision Making, Detail-Oriented, Group Problem Solving, High Impact Communication, Information Security Management, Information Technology Security, Network Security Operations, Security Automation, Security Operations, SIEM Tools, Strategic Thinking, Threat Detection, Threat Monitoring, Use Case Documentation