Senior IT Security Systems Operator
Adga Group Consultants Inc
Ottawa, Canada
About
- Job Description
ADGA is hiring multiple Senior IT Security Systems Operators to work in a Security Operations Centre for our client. The Security Operations Centre (SOC) cyber defence services include monitoring, analysis and response to cyber threat activity, as well as engineering, integration and operation of a variety of cyber security technologies.
The resources will provide the following cyber defence services on a full-time basis
- In-depth technical expertise in support of cyber security operations (monitoring, detection, analysis, response)
- Engineering and implementation of complex analytics for detecting cyber threat activity
- In-depth technical expertise in cyber threat tactics, techniques and procedures, as well as malware reverse-engineering and cyber forensics
- Analyze Protocols (HTTP, FTP, SMTP, DNS, TLS, S-MIME, IPSec, SSH)
- Research technical details of cyber attack activity, document findings and communicate them to DFATD stakeholders
- Configure and implement technical IT security safeguards, software and hardware security products on operating systems such as Microsoft and Linux
- Integrate and automate IT Security systems (for example: SIEM data ingestion and parsing, shell scripting, web services, APIs)
- Configure intrusion detection systems, firewalls and content checkers, extracting and analyzing reports and logs, and responding to security incidents
- Complete tasks directly supporting the departmental IT Security and Cyber Security Program
- Develop and deliver training material and supporting documentation
- Support triage and remediation tracking of newly disclosed vulnerabilities affecting cloud and on-premises systems
- Access and integrate information from monitoring tools and other sources to decipher underlying trends or uncover anomalies and discern obscure patterns and attributes
- Compile results into reports or analytical products as required
- Prepare and present analysis, in the form of briefings and/or reports
- Provide subject matter expertise on industry trends, techniques related to Forensics, Malware Analysis, cloud security and Advanced Hunting
- Qualifications
- Mandatory
A minimum of 10 years of experience performing tasks such as
Review, analyze and/or apply
- Networking Protocols (HTTP, FTP, Telnet)
- Internet security protocols (for example: SSL, S-HTTP, S-MIME, IPSec, SSH)
- TCP/IP, UDP, DNS, SMTP
- Directory Standards such as X.400, X.500, and SMTP
- Network routers, multiplexers and switches
- Network hardening (for example: shell scripting, service identification)
- Wireless technology
- Technical threats to, and vulnerabilities of, networks
- Technical IT Security safeguards
- IT software and hardware security products
- Configure operating systems such as MS, Unix, Linux and Novell
- Configure IT Security management
- Configure intrusion detection systems, firewalls and content checkers, extracting and analyzing reports and logs, and responding to security incidents
- Configure/update virus scanners
- Complete tasks directly supporting the departmental IT Security and Cyber Protection Program
- Develop and deliver training material
Must have one valid SANS Institute Global Information Assurance Certification (GIAC) certification in good standing from the following focus areas
- Cyber Defense,
- Cloud Security or
- Digital Forensics & Incident Response.
A minimum of 10 years of experience performing cyber incident response; researching and documenting technical details of cyber attack activity, including
- Analyzing and characterizing threat activity according to industry standards, attack types, and methodologies.
- Identifying, validating and describing technical evidence of impact and progress of attacks through stages of the attack cycle.
- Documenting technical findings in written reports and
- Presenting the findings to technical and nontechnical audiences.
A minimum of 5 years of network forensics experience using data from multiple sources to reconstruct and analyze cyber threat activity, including in-depth analysis of
- Raw traffic content (TCP/IP, various application protocols)
- Network device metadata and firewall/IDS logs
- Server application, authentication and HTTP Logs
A minimum of 10 years of experience performing in-depth reverse engineering of malware, using both static and dynamic analysis techniques, to produce actionable intelligence, including the creation of YARA (Yet Another Recursive Acronym) rules or technical analytics to describe IOCs (Indicators of Compromise).
A minimum of 10 years of experience performing in-depth binary code analysis within a Windows environment using static disassemblers and debuggers, including analysis of code incorporating anti-analysis and tamper resistance techniques. Tools may include, but are not limited to
- IDA Pro,
- Binary Ninja,
- Ghidra,
- WinDBG,
- Immunity Debugger, and
- OllyDbg.
A minimum of 6 years of experience performing end-to-end analysis of the cyber intrusion kill chain, including TTPs (Tactics, Techniques and Procedures) used in each phase.
A minimum of 6 years of experience developing custom tools using Python scripting language to support the following tasks
- decoding and parsing network traffic,
- gathering and analyzing forensic data from endpoints; and
- automating other SOC-related analysis and duties.
Experience in post detection forensic analysis using all of the following IT security solutions
- Antivirus/Endpoint Protection Platform (EPP)
- Endpoint Detection & Response (EDR)
- Security Information & Event Management (SIEM)
- Additional Information
- Work-Life Balance
- We strongly support a healthy and productive work-life balance. This starts with a flexible approach to work, and policies designed to support employees through their day-to-day routines and major life events. For example, we offer a Maternity/Parental Top-Up (up to 52 weeks) and a Reservist Leave Top-Up (up to 180 days).
- Belong@ADGA
- ADGA continuously strives to integrate advanced Diversity, Equity & Inclusion (DEI) approaches and practices into our work culture. Our employee-based DEI Committee explores activities and invites discussions that foster an environment where all employees feel valued, respected, and heard.
- Compensation
- Above and beyond our commitment to offer a competitive base salary, ADGA has a company-wide profit-sharing plan for all full-time and part-time employees.
- Comprehensive Benefits and Total Rewards
- We offer a comprehensive benefit program, providing employees with the choice between base or enhanced plans. Depending on the plan, ADGA pays for Health & Dental, a Health Spending Account, Short-Term Disability, an Employee Assistance Program, and a Telemedicine service. Also offered: discounts on gym memberships, 5,000+ perks through Perkoplis, a Deferred Profit Sharing Plan, and access to a wide range of other employee-centric services and savings programs.