Manager – Incident Response & Cyber Forensics

BDO - Mississauga, ON (30+ days ago)

Apply Now

Putting people first, every day:
BDO is a firm built on a foundation of positive relationships with our people and our clients. Each day, we rely on our professionals to provide exceptional service, and help our clients by providing advice and insight they can trust. In turn, we offer an environment that fosters a people-first culture with a high priority on your personal and professional growth.

Your opportunity:
BDO Canada LLP is seeking a Manager, Incident Response (IR) & Cyber Forensics to join its Cybersecurity team at our Toronto or Mississauga office. The successful candidate will contribute to a rapidly expanding practice that assists clients in responding to cyber/information security incidents. Reporting to the National Leader, Cybersecurity, the Manager, Incident Response (IR) & Cyber Forensics will coordinate and perform incident response activities for various clients across Canada utilizing state of the art tools. If you are passionate about incident response, this is the right opportunity for you. Our people are our most valuable asset and we encourage career growth and development opportunities for every individual on our team.

In this role, you will perform and lead various activities with respect to Incident Response, including, but not limited to:

Provide swift guidance to clients in the event of cyber incidents/data breaches
Provide IR services around incident analysis, containment, and eradication/remediation
Assist in developing and enhancing Workflows/Policies, Procedural Documentation, and delivery toolkits, etc.
Provide recommendations to clients on how to implement controls and enhance their Incident Response process
Present and deliver incident and investigation reports to client management
Perform root cause analysis of the incidents by utilizing Digital Forensic tools and techniques
Analyze logs from various systems, appliances, and applications to identify potential threats.
Conduct malware and memory analysis
Coach/mentor a team of incident responders
Assist in drafting white papers, thought leadership, and conduct business development activities
Manage multiple competing priorities and deadlines
Report and present findings and recommendation to key stakeholders

How do we define success for your role?

You demonstrate BDO's core values through all aspects of your work: Integrity, Respect and Collaboration
You understand your client’s industry, challenges, and opportunities; clients describe you as positive, professional, and delivering high quality work
You identify, recommend, and are focused on effective service delivery to your clients
You share in an inclusive and engaging work environment that develops, retains & attracts talent
You actively participate in the adoption of digital tools and strategies to drive an innovative workplace
You grow your expertise through learning and professional development

Your experience and education

The ideal candidate will have a minimum of five years’ experience in Cybersecurity with a strong focus on Incident Management and Response, which includes knowledge of:

Digital Forensics Software (Encase, X-Ways, Axiom)
Chain of Custody Procedures
Triage Procedures
Cyber Attack Lifecycles
Network/Infrastructure Appliances and sensors (IDS/IPS systems, SIEMS, Routers, Switches, Firewalls)
Thick Clients
Various Operating Systems (Windows, Linux, Unix)
Cloud Technologies (e.g. Azure, AWS, Google, IBM, etc.)
Web and Mobile Applications
Scripting languages such as: Python, Perl or PowerShell
ISO 27000 Series
NIST SP 800 Series
SANS Institute - CIS Critical Security Controls

AND experience in:
Leading Incident Response Investigations
Understanding software security weakness and vulnerabilities
At least one software programming language and framework
Working with and presenting to diverse stakeholders at various levels (C Suite/Managers), preferably on a national basis
Working in a fast paced environment with multiple competing deadlines and priorities
Forensic capture and investigation tools such as EnCase, X-Ways, SIFT or F-Response
Analyzing security information from a variety of devices & systems (IDS/IPS/SIEMs, Firewalls, OS logs, etc.)
Investigative products such as Carbon Black
Identifying indicators of compromise
Implementing/Reviewing enterprise security controls in Active Directory/Windows environments
Building scripts, tools, or methodologies to enhance investigation processes

The following certifications and/or education would be considered an asset:

College Diploma or University Degree in Information Security or Computer Science
Certified Information Systems Security Professional (CISSP)
Certified Information Security Manager (CISM)
GIAC Security Essentials (GSEC)
GIAC – Certified Forensic Analyst (GCFA)
EnCase Certified Examiner (EnCE)
GIAC Certified Incident Handler (GCIH)
Certified Incident Handler (E|CIH)
Certified Ethical Hacker (CEH)
Offensive Security Certified Professional (OSCP)

Why BDO?

Our firm is committed to providing an environment where you can be successful in the following ways:

Firm success - We enable you to engage with the firm's strategic plan, and be a key contributor to the success and growth of the firm.
Professional success - We help you be the best professional you can be in our services, industries and markets.
Personal success - Achieve your personal goals outside of the office and make an impact on your community.

Giving back, it adds up: Where company meets community. BDO is actively involved in our communities by supporting local charity initiatives. We support staff with local and national events where you will be given the opportunity to contribute to your community.

Total rewards that matter: We pay for performance with competitive total cash compensation that recognizes and rewards your contribution. We provide flexible benefits from day one, and flexible time off through vacation, personal, and volunteer days. We are committed to supporting your overall wellness beyond working hours, and provide reimbursement for wellness initiatives that fit your lifestyle.

Everyone counts: We believe every employee should have the opportunity to participate and succeed. Through leadership by our Chief Inclusion and Diversity Officer, we are committed to a workplace culture of respect, inclusion, and diversity. We recognize and celebrate the valuable differences among each of us, including race, religious beliefs, physical or mental disabilities, age, place of origin, marital status, family status, gender or gender identity and sexual orientation. If you require accommodation to complete the application process, please contact us.

Ready to make your mark at BDO? Click “Apply now” to send your up-to-date resume to one of our Talent Acquisition Specialists.

To explore other opportunities at BDO, check out our careers page.