Manager, Cyber Security & Privacy - Offensive

Toronto | 29 days ago | Full-time | External
Negotiable
What do you think of when you hear the name MNP? Most likely tax and accounting, but as one of Canada’s largest consulting organizations, we’re so much more! We’re also serious about technology.

Make an impact with our Cyber Security & Privacy team as a Senior Member of our **Incident Management Team**. This diverse team of tech-savvy problem solvers understands clients’ unique needs and embraces the possibilities technology brings to an evolving business landscape. As a trusted advisor, you’ll enable clients to take a proactive and prepared approach to cyber crime and capitalize on new technologies and innovations to deliver business results as well as build and maintain customer trust. You will use a tailored approach to investigate threats, develop policies and enhance infrastructure to minimize the impact of security-related events and protect clients’ business operations and reputation.

At MNP Digital, we’re a team of highly skilled and creative thinkers that continuously support and learn from each other. We pride ourselves on translating our clients’ challenges into real results by leveraging technology - and that all starts with having the right people to deliver. We’ve created an environment where you’ll continuously grow, always have a voice and collaborate on work that’s meaningful and fulfilling. If you’re ready to take your career into your own hands, you’ve come to the right place.

**Responsibilities**

- Support the design of incident management capability, framework, interaction models, operational procedures, and engagement delivery
- Oversee operational activities in relation to issues and incidents, taking action to coordinate response activities and resources
- Undertake and adapt to unique client requests and project types that cross cyber disciplines and expertise areas
- Support a culture of continuous development of both services and our people
- Assist in development of less experienced team members, explaining how performance expectations align with the business priorities, giving and receiving feedback effectively, creating a positive work environment, and being an effective role model
- Communicate engagement activities and technical findings effectively with both client technical SMEs and executive staff, preparing and delivering presentation materials to each
- Develop, maintain, and track quarterly and annual milestones and goals to develop and enhance the effectiveness of the Incident Management team
- Recommend and set strategic goals and budget for operational and engagement activities, and control expenses in accordance with budgets
- Provide advice, expertise, and counsel to senior leaders as input to business decisions on medium to long term strategic planning
- Work with and lead team members to conduct reconnaissance and intelligence gathering, host and network forensics, log analysis, malware analysis, threat intelligence gathering, red and purple team engagements, threat hunting and discovery mission engagements
- Support the development and use of scripts and tools by the team to execute collections and analysis
- Support the development and coordinate the operation of analysis tools and hardware
- Draft and facilitate tabletop exercises for both technical and executive audiences
- Develop reports and materials intended for both technical and executive audiences
- Work with both clients and vendors to troubleshoot and resolve issues
- Notify clients of any potential problems in their environment
- Be self-motivated and work independently

**Skills and Experience**

- You can demonstrate experience of 7-9 years in cybersecurity, with at least 5+ years of incident response, SOC operations, and/or threat intelligence, and preferably 3+ years leading enterprise scale responses
- Possess a Post-Secondary Degree or Diploma in Cybersecurity, Information Security or Technology, Computer Science or related discipline
- Multiple cybersecurity certifications from a recognized institution (e.g. (ISC)2, ISACA, SANS)
- Functional knowledge of incident response technical foundations, theory, terminology (Kill Chain, TTPs, threat actors)
- Functional knowledge of response activities (scoping, sweeping, containment, remediation planning, investigation)
- Expert knowledge of:
  - Malware and reverse engineering
  - Network and host forensics
  - Evasion techniques
  - Security operations, processes, procedures, controls
- Strong knowledge of:
  - Security and incident response of SCADA/ICS and Operational Technology
  - Network protocols and covert channels
  - Threat hunting and discovery missions
  - Reconnaissance and intelligence gathering
- Understanding and applied experience with industry standards and frameworks (e.g. NIST 800-53 and CSF, ISO 27001 and 27002, CSC, PCI DSS)
- Experience and working knowledge of multiple information and security domains (e.g. privacy, IT operations, security platform administration and integrations, offensive security, audit and risk)