Job Summary: 

Key Responsibilities & Duties: 

• Working with the Director, Cybersecurity and as a member of the Cybersecurity team, deploy, maintain and upgrade security tooling, including vulnerability management, logging pipelines, SIEM, EDR, SOAR, and automation 
• Monitor security infrastructure activity and connectivity, diagnosing and resolving technical problems or gaps 
• Be a contributing voice in sourcing and implementation of relevant tools and countermeasures 
• Support the development of incident response plans, business continuity and disaster recovery documentation 
• Assess server infrastructure vulnerabilities and issues, maintaining technical liaison with vendors and suppliers 
• Advise and make recommendations on technical life cycle planning implementation, improving security controls within BCNET infrastructure 
• Employing technical expertise, collaborate with all cross-functional departments in developing, maintaining, and communicating solutions with BCNET staff and customers 
• Triage, analyze and prioritize security events, alerts and incidents; maintain documentation for both policy and auditable standards  
• Work independently to see operational projects to completion; work collaboratively with peers and other team members to meet objectives 
• Participate in the development of best practices, standards, processes and procedures across the technical stack 
• Maintain appropriate professional designations and up-to-date knowledge of security landscape 
• Occasionally required to provide after-hours support on a rotational basis or be available off-hours to aid in incident response, maintenance, or emergency infrastructure activities 

Qualifications & Skills: 

• Three to five years of relevant experience as a security analyst, systems/network administrator, network security engineer or security operations engineer  
• Proficiency in Windows and Linux server administration  
• Knowledge of computer networking, TCP/IP, routing and switching, firewalls, VPN  
• Command of Python, Bash, and PowerShell scripting 
• Experience developing SIEM correlation rules, reports and dashboards to detect emerging threats 
• Solid understanding of events, related fields in log records and alerts reported by various data sources such as Windows/Unix systems, IDS/IPS, AV, HIDS/HIPS, WAFs, firewalls and web proxies 
• Proficiency in a variety of query languages (SQL, KQL, EQL) 
• Experience with virtualization systems like VMware ESXi, KVM or MS Hyper-V 
• College diploma or university degree in computer science or related fields or a suitable combination of education, experience, or other relevant training 

• Hands-on experience investigating common types of attacks such as brute-force, phishing, DLP, DDoS and data exfiltration 
• Experience with vulnerability and information security risk assessments 
• Knowledge of cybersecurity frameworks (NIST, CIS, ISO 27001) 
• Knowledge of investigative forensics and analysis of security incidents 
• Understanding of regular expressions, development of custom parsers 
• Hands-on experience with threat hunting and modeling aligned with MITRE ATT&CK TTPs 
• Experience with red and/or purple-teaming activities 

• Cybersecurity certifications from (including but not limited to) ISC2, ISACA, GIAC, OffSec 
• Familiarity with ELK stack, Jira, Confluence 
• Exposure to automation tools (i.e. Ansible, Puppet, Chef) 
• Experience working within the higher education sector

Benefits and Perks:

• Hybrid Work Model: Flexibility to work remotely and in our Downtown Vancouver office
• Health Benefits: Comprehensive coverage from day one, including extended health, dental, vision, and a wellness allowance.
• Defined Pension Plan: Secure your future with our defined benefits pension plan.
• Professional Development: Annual allowance for skill-building and growth opportunities.
• Paid Time Off: Generous vacation days, personal days, sick days and year-end office closure.
• Volunteer Day: One paid day annually to support a cause you care about.
• Inclusive Culture: Supportive workplace with team-building events and activities.
• Convenient Office Location: Easy access by transit and close to great coffee spots!

About BCNET