Advisor Information Security


  • Company:
    BMO Harris Bank
  • Location:
  • Salary:
    negotiable / monthly
  • Job type:
    Full-Time
  • Posted:
    5 days ago
  • Category:
    IT & Software

Design, deploy, configure, administer and support Security Information Event Management (SIEM) and Enterprise Logging as a Service (LaaS) on a large-scale Splunk deployment to ensure the availability, integrity and currency of the LaaS platform. Gather use cases from the customer and configure and tune the deployment to match requirements, create and update documentation to reflect the current operating environment, and troubleshoot technical issues. Monitor infrastructure utilization, forecast future needs, and plan and deploy additional capacity to ensure adequate availability for current and future projects.

Key Accountabilities:

The role’s main responsibility as a Subject Matter Expert (SME) on SIEM and LaaS is to provide day-to-day management, deployment and configuration of index nodes, forwarders, search heads, etc. on a large-scale Splunk deployment. This includes onboarding new log sources, gathering use cases from the customer, and configuring and tuning their deployment to match customer requirements, as well as updating documentation to reflect the current operating environment. It also covers platform management, administration and day-to-day support activities, including monitoring the environment with performance tools, maintaining optimal configuration and technical policy management.

Knowledge & Skills:

  • Completion of a Bachelor’s degree or equivalent program in Computer Science, Management Information Systems or similar field is strongly preferred.
  • 7 – 10 years of relevant experience, with a minimum of 5 years’ work experience in configuring, implementing and administering security tools and delivering security services.
  • Experience must include implementation and configuration management of multiple security tools and delivery of security services in large enterprise environments.
  • Security monitoring practices
  • Security signature generation methods and techniques
  • Creating and maintaining LaaS content, including reports, dashboards, rules and alerts, to assist in detection of threats, reporting requirements, and efficiency in event monitoring.
  • Create technical documentation around the operations, procedures, and content.
  • Monitor the health and performance of the LaaS platform and work with supporting teams to consult on actions required.
  • Work with various teams to resolve issues that may arise with log sources, LaaS host patching, connectivity, etc.
  • Coordinate escalations to internal teams to ensure timely delivery of incident resolutions.
  • Work with the vendor for support and troubleshooting.
  • Event flows (i.e. Syslog)
  • Familiarity with enterprise security tools such as IDS/IPS, Anti-Virus, Malware Gateway, Messaging Servers, Firewalls and Internet Proxy
  • Active Directory/LDAP
  • Security Information Event Management (SIEM) ArcSight ESM
  • Log management tools (i.e. Splunk/ArcSight)
  • Three-tiered application model
  • Cloud computing
  • Virtualization
  • Network design and operation
  • Familiarity with Hadoop and database technologies
  • Unix or Linux shell environments
  • Experience working in a corporate enterprise environment
  • Proficient in technical writing and communication
  • Security certification such as: CISSP, SANS GIAC, Security+, Network+, Linux+, MCSE, RHCE or CCNA-Security.
  • Prior participation and responsibilities for 24×7 on-call schedule for technical support.
  • Knowledge of regulatory and compliance-driven processes and activities to ensure enterprise compliance with internal policies and regulatory requirements.
  • Experience with defining, generating and operationalizing security metrics.
  • Excellent oral and written communication skills required.
  • Prior financial services institution experience a plus.

We’re here to help

At BMO we have a shared purpose; we put the customer at the centre of everything we do – helping people is in our DNA. For 200 years we have thought about the future: the future of our customers, our communities and our people. We help our customers and our communities by working together, innovating and pushing boundaries to bring them our very best every day. Together we’re changing the way people think about a bank. As a member of the BMO team you are valued, respected and heard, and you have more ways to grow and make an impact. We strive to help you make an impact from day one – for yourself and our customers. We’ll support you with the tools and resources you need to reach new milestones, as you help our customers reach theirs.
From in-depth training and coaching, to manager support and network-building opportunities, we’ll help you gain valuable experience, and broaden your skillset. To find out more visit us at https://bmocareers.com/ . BMO is committed to an inclusive, equitable and accessible workplace. By learning from each other’s differences, we gain strength through our people and our perspectives. Accommodations are available on request for candidates taking part in all aspects of the selection process.

Information Technology | Canada-Ontario-Barrie | GITRM-X000060 | full-time | 11/13/18 | 01/13/19