Req Id: 251398
At Bell, we do more than build world-class networks, develop innovative services and create original multiplatform media content – we’re revolutionizing how Canadians communicate.
If you’re ready to bring game-changing ideas to life and join a community that values bold ideas, professional growth and employee wellness, we want you on the Bell team.
Corporate Services is at the centre of the action, providing the support that enables Bell’s industry leadership. Our Corporate Security & Responsibility, Communications, Human Resources, Procurement & Value Creation and Real Estate teams work collaboratively to drive our corporate strategy forward.
CORPORATE SERVICES – CORPORATE SECURITY
Bell is currently seeking an experienced candidate (up to CP3) for a position within the Information Security team. Reporting to the Senior Manager – eDiscovery, Digital Forensics & Incident Response (DFIR), this person is responsible to assist with eDiscovery, Digital Forensics, and Incident Response activities for BCE and its subsidiaries. The candidate should be an independent, critical thinker skilled in analyzing data while working effectively with other internal and external teams to conduct cyber investigations and respond to eDiscovery matters. The candidate must also be able to work in high pressure situations for extended periods of time as a core member of Bell’s Cyber Incident Response Team (CIRT).
Conduct eDiscovery collections, manage and support Bell’s Relativity platform on behalf of Bell’s Legal and Investigative departments
Conduct PC, server, email, mobile device, RAM, Social Media and Cloud based forensic examinations including preservation, acquisition, and analysis of digital evidence
Investigate network and computer intrusions to identify root cause and generate indicators of compromise (IoC) in conjunction with Bell’s Cyber Threat Intelligence team
Generate high quality forensic reports and synopses presenting complex technical processes and findings clearly and concisely to technical and non-technical business unit managers
As part of Bell’s blue team, working in conjunction with Bell’s red team in exercises towards the common goal of continuing to improve security within BCE and its subsidiaries
Both daytime and on call rotations as Duty Officer performing 7x24x365 triage as well as Incident Handling and Response for Bell’s Cyber Incident Response Team (CIRT)
QUALIFICATIONS - REQUIRED
5+ years of experience performing forensic acquisition and examination of Windows, Unix/Linux, and Macintosh-based PCs and servers and/or in eDiscovery processes and software
Understanding of multiple forensic platforms and tools – EnCase, Relativity, NUIX, Axiom, FTK, X-Ways Forensics, Volatility, Sleuthkit, BlackBag tools, and/or various Open Source forensic tools
Hands-on experience performing network traffic and/or log analysis
Working knowledge of computer/server virtualization/hardware (e.g. VMware, PCI, USB, Firewire)
Working knowledge of storage / file system configurations (i.e., SANs, RAIDs, SAS, SATA, NTFS, FAT32)
QUALIFICATIONS - DESIRED
Extensive knowledge of the Electronic Discovery Reference Model (EDRM)
Understanding of evidence handling and chain-of-custody procedures
Forensic lab management experience, including infrastructure (hardware and software), processes, procedures, and supporting documentation based on industry best practices
Basic Knowledge of SQL and regular expressions
Scripting in one or more of Perl, Python, PowerShell, BASH and/or Windows BATCH
Ability to write queries/rules in two or more of LUCENE, Kibana, Splunk, EnCase GREP, YARA
CERTIFICATIONS – DESIRED (ANY TWO OR MORE OF THE FOLLOWING)
Forensic Examiner (e.g. EnCE, ACE, SANS)
Incident Handling and/or Response (e.g. SANS, CERT/CC)
Canadian Police College (e.g. Cyber Investigator)
Certified eDiscovery Specialist (CEDS)
RAM analysis (e.g. Volatility)
Mobile analysis (e.g. Cellebrite, BlackBag, Oxygen, Paraben)
EQUALLY IMPORTANT ARE SOFT SKILLS
Strong sense of professionalism and ethics
Acts with very high degree of integrity
Communicates honestly and openly
Passionate about the importance of security, and want to partner with colleagues who need your expertise
Providing quality insights to senior stakeholders across the organization, sometimes on short-notice
Forward looking self-learner
Value truth, openness, and pursuing excellence
Ability to reliably and independently ensure things get done
Ability to give and receive open and direct feedback
Ability to set and manage expectations with senior stake-holders, clients and team members
Demonstrate logical argumentation, attention to detail, and critical thinking in documentation and verbal communications
This position requires eligibility to obtain Secret level II clearance (and may require TS+ in the future)
Working in English, but English/French bilingualism is a strong asset.
Bilingualism is an asset (English and French); adequate knowledge of French is required for positions in Quebec.
Position Type: Management
Job Status: Regular - Full Time
Job Location: Canada : Ontario : Ottawa || Canada : Ontario : Toronto || Canada : Quebec : Montreal
Application Deadline: 04/17/2020
Please apply directly online to be considered for this role. Applications through email will not be accepted.
At Bell, we don’t just accept difference - we celebrate it. We’re committed to fostering an inclusive, equitable, and accessible workplace where every team member feels valued, respected, and supported, and has the opportunity to reach their full potential. We welcome and encourage applications from people with disabilities.
Accommodations are available on request for candidates taking part in all aspects of the selection process. For a confidential inquiry, simply email your recruiter directly or email@example.com to make arrangements. If you have questions regarding accessible employment at Bell please email our Diversity & Inclusion Team at firstname.lastname@example.org.
Created: Canada , ON , Ottawa