Senior Security Analyst (Global Security)
Job Summary
Job Description
What is the Opportunity?
The RBC Threat Monitoring & Triage team is looking for an experienced Senior Security Analyst to join its team. This is a key role within the Security Operations Centre (SOC). The successful candidate will be providing technical expertise and leadership support to the proactive and reactive responses to cyber threats targeting RBC's global environment.This role will focus on performing first line investigation and response actions, including the triaging of security detections and escalation of security incidents. The Senior Security Analyst will also be responsible for maintaining awareness of emerging and advanced threats, and driving efficient security solutions to address the evolving threat landscape.
This position will partner with Global Cyber Security (GCS) stakeholders and RBC leadership to achieve the organization's Intelligence-led Security and Resilient Services objectives.
What will you do?- Respond to and investigate complex security detections across multiple environments and technologies in a timely manner
- Provide 7/24 support (rotational basis) for high severity incidents escalated from security vendors, GCS partners and the business
- Perform technical investigation and triage activities of security alerts based on potential impact and risk to the organization
- Escalate confirmed threats to SOC management and the Incident Response team as required based on criticality
- Develop, distribute and present technical findings regarding threats, attack vectors and detection techniques
- Maintain awareness of detection trends and alert metrics in order to enhance our security controls and overall defensive strategy
- Derive insights from day-to-day cyber investigations to identify security gaps and improve the organization's security posture
- Partner with detection engineers to enhance security monitoring rules and reduce false positive alerts
- Collaborate with SOAR engineers to optimize and automate detection and response capabilities
- Document, mature and maintain Triage Standard Operating Procedures (SOP)
- Assist in the proactive hunting of unknown threats and suspicious activities within the environment as required
What do you need to succeed?
Must have:
- Minimum 3 years of experience in a SOC environment
- Significant experience in performing investigation and triage activities of security events
- Advanced understanding of SIEM platforms
- Solid knowledge of security tools (NDR, EDR, IDS/IPS, WAF, etc.)
- Exposure to malware and sandbox analysis
- Knowledge of cybersecurity frameworks (Cyber Kill Chain, NIST, MITRE ATT&CK, etc.)
- Robust computer networking & OS knowledge
- Availability for rotating pager duty support for after hours and holidays
- Excellent work ethics, problem-solving and verbal/written communication skills
Nice-to-have:
- Experience with SOAR platforms
- Familiarity with threat hunting techniques and scenarios
- Knowledge in detection engineering
- Understanding of current threat landscape and threat actor TTPs
- Cloud security experience
- Experience with scripting languages (PowerShell, python, regex, bash, etc.)
- Some exposure to purple team activities
- Bachelor’s degree in Computer Science or related field
- Industry recognized certifications from ISC2, SANS, ISACA, etc.
What’s in it for you?
We thrive on the challenge to be our best, progressive thinking to keep growing, and working together to deliver trusted advice to help our clients thrive and communities prosper. We care about each other, reaching our potential, making a difference to our communities, and achieving success that is mutual.
- A comprehensive Total Rewards Program including bonuses and flexible benefits, competitive compensation, commissions, and stock where applicable.
- Leaders who support your development through coaching and managing opportunities.
- Ability to make a difference and lasting impact.
- Work in a dynamic, collaborative, progressive, and high-performing team.
- Flexible work/life balance options.
- Opportunities to do challenging work.
- Opportunities to take on progressively greater accountabilities.
- Opportunities to building close relationships with clients.
#LI-Hybrid
#LI-POST
#TECHPJ
Job Skills
Confidentiality, Cyber Security Management, Decision Making, Detail-Oriented, Encryption Software, Group Problem Solving, High Impact Communication, Information Security Management, Information Technology Security
Additional Job Details
Address:
330 FRONT ST W:TORONTO
City:
TORONTO
Country:
Canada
Work hours/week:
- 5
Employment Type:
Full time
Platform:
TECHNOLOGY AND OPERATIONS
Job Type:
Regular
Pay Type:
Salaried
Posted Date:
2025-04-25
Application Deadline:
2025-05-19
Note: Applications will be accepted until 11:59 PM on the day prior to the application deadline date above
Inclusion and Equal Opportunity Employment
At RBC, we believe an inclusive workplace that has diverse perspectives is core to our continued growth as one of the largest and most successful banks in the world. Maintaining a workplace where our employees feel supported to perform at their best, effectively collaborate, drive innovation, and grow professionally helps to bring our Purpose to life and create value for our clients and communities.RBC strives to deliver this through policies and programs intended to foster a workplace based on respect, belonging and opportunity for all.
Join our Talent Community
Stay in-the-know about great career opportunities at RBC. Sign up and get customized info on our latest jobs, career tips and Recruitment events that matter to you.
Expand your limits and create a new future together at RBC. Find out how we use our passion and drive to enhance the well-being of our clients and communities at jobs.rbc.com.