Job Description

We are looking for a Security Incident Response Analyst.

Given the size and scope of our organization, we have the flexibility for this position to be located in the following office locations: Winnipeg, Toronto, London, Calgary, Edmonton, Vancouver.

Canada Life is seeking motivated individuals with a true passion for Cyber Security Incident Response.

• Are you passionate about protecting digital assets and defending against cyber threats?
• Are you skilled in incident response and eager to contribute to a dynamic and rapidly evolving field?
• Are you looking for an opportunity to work in a world-class cyber detection and incident response security operations capability?
• Are you interested in making a difference?

If so, we have an exciting opportunity for you as a Security Incident Response Analyst at Canada Life.

Role description

The Information Security Event Management Centre (iSEM Centre Global SOC) team reports to the Global Chief Information Security Officer and provides cyber detection, incident response, cyber threat intelligence and engineering and support services on behalf of the Global Enterprise.

Accountabilities:

What you will do

As a Security Incident Response Analyst, you will be part of a team that:

• Responds to cyber security incidents promptly, effectively, and efficiently.
• Investigate security incidents, assess the impact, and determine the root cause.
• Develop, implement, and maintain incident response playbooks and procedures to mitigate risks.
• Conduct live forensic analysis and gather evidence to support incident investigations.
• Collaborate with cross-functional teams to identify and perform threat hunt activities.
• Monitor security systems, logs, and alerts to identify potential security breaches.
• Stay up to date with the latest cyber threats, attack vectors, and industry best practices.
• Assist in the development, and enhancement of incident response tools and technologies.
• Prepare incident response reports and documentation for management and stakeholders.
• Prepare material and lead security incident tabletop sessions.
• Conduct post-incident analysis to identify areas for improvement and implement lessons learned.

Your highly detail-oriented analytic skills, technical knowledge and attention to detail will serve you well as you defend the enterprise from cyber threat actors.

Other accountabilities of this role include security reporting, analyzing threat intelligence and attending Critical Incident Response Team (CIRT) meetings. The Security Incident Response Analyst reports to the Director of Security Operations and will work under the Manager of Detection and Incident Response for the iSEM Centre. The Security Operation Centre is located in Winnipeg but this role is open to potential remote staffing.

What you will bring

Mandatory

• Certificate or degree from an accredited college or university
• Minimum of two years’ experience working in Security Operations Centre
• SANS GIAC Certification
• Experience with Incident Management systems (e.g., ServiceNow, Jira)
• Experience with programming languages (e.g., Python, PowerShell, Perl, C/C++)
• Knowledge of network protocols (e.g., IPv4/IPv6/TCP/UDP/DNS/HTTP)
• Knowledge of major operating systems (e.g., Windows, AIX, Linux)
• Extensive knowledge of security technologies (e.g., SIEM, IDS/IPS, EDR, Firewalls)
• Ability to read and interpret network diagrams and packet captures
• Experience in doing triage, investigation and remediation of security events received via tools such as SIEM, IPS, IDS, EDR, etc.
• Demonstrated teamwork skills
• Demonstrated ability to set goals and deliver results
• Ability to multi-task
• Ability to effectively manage change and stress
• Excellent verbal and written communicator
• Highly motivated and detailed oriented

Desirable

• Two or more years of direct experience in Security Incident Response, including some of: threat management, vulnerability assessment, monitoring and investigations
• Desired designations/certifications/licenses could include, SANS GCFA, GCIH, GCFE, GNFA, GREM, GCCC, Advanced Incident Handling – Carnegie Mellon, Security +, Network +
• Experience as a SOC analyst
• Experience with SIEM products
• Experience with scripting and coding (e.g. Python, Power Shell, Perl, VBA)
• Experience with problem, incident and change management response
• Familiar with ITIL processes
• Experience with writing or developing procedures and processes
• Completed, working towards or willing to attain Information Security Certifications (e.g. CISSP, Network +, Security +, SANS GCIA and GCIH)

We offer a challenging, team-oriented work environment. Competitive income benefits. Opportunities for professional/personal development and growth through world class training.

Be your best at Great-West Lifeco and Canada Life - Apply today!

Great-West Lifeco Inc. is a leading international financial services holding company headquartered in Canada with interests in life insurance, health insurance, retirement and investment services, asset management, and reinsurance businesses. It operates in Canada, the United States, and Europe under the brands: Canada Life, Canada Life Germany, Canada Life UK, Canada Life Reinsurance, Empower Retirement, Putnam Investments and Irish Life.

In Canada, Great-West Lifeco operates under the Canada Life brand, offering a broad portfolio of financial and benefit plan solutions and serves the financial security needs of more than 12 million customers. Globally our combined companies have approximately 24,500 employees, 205,000 advisor relationships, and thousands of distribution partners – all serving more than 30 million customer relationships across these regions.

Being a part of our organization means you have a voice. This is a place where your unique background, perspectives and talents are valued, and shape our future success.

You can be your best here. You are part of a diverse and inclusive workplace where your career and well-being are championed. You’ll have the opportunity to excel in your way, finding new and better ways to deliver exceptional customer and advisor experiences.

We are committed to providing an inclusive, accessible environment, where all employees and customers feel valued, respected and supported. We are dedicated to building a workforce that reflects the diversity of the communities in which we live, and to creating an environment where every employee has the opportunity to reach their potential.

It is our priority to remove barriers to provide equal access to employment. A Human Resources representative will work with applicants who request a reasonable accommodation during the application process. All information shared during the accommodation request process will be stored and used in a manner that is consistent with applicable laws and Canada Life policies. To request a reasonable accommodation in the application process, contact talentacquisitioncanada@canadalife.com.

We would like to thank all applicants, however only those who qualify for an interview will be contacted.

#LI-Hybrid