Practice Lead - Incident Response and Forensics

Montreal, QC
Full Time
Join our team

As TELUS grows its Security Solutions unit we are looking for talented Security Consultants to join our project-based, Governance, Risk and Compliance team.

As part of TELUS Cyber Security, you will have the opportunity to act as a self-starter and provide consulting expertise to our clients by showcasing your outstanding relationship-building skills, security knowledge and expertise. You will oversee projects including but not limited to security posture assessments, security governance reviews, security gap assessments and external clients' risk assessments.

Join a team of experts in their field that will mentor, coach and help you grow while juggling multiple highly challenging and rewarding projects!

Here's the impact you'll make and what we'll accomplish together

Reporting to the Principal, Cyber Security Professional Services as part of the TELUS Security Solutions team, the Practice Lead will help manage, build and grow TELUS' Cyber Security Professional Services, Forensics and Incident Response National Practice. This practice has the primary responsibility of responding to and investigating security incidents.

If you possess an understanding of digital investigations and their underlying principles and have strong working experience in the field with current, effective and advanced technical skills around incident response, threat hunting and security engineering, this hands-on role might be just for you!

Here's how
    • You will be responsible for the day-to-day management and strategic roadmap of the practice, which includes incident response, computer forensics, network forensics, malware analysis, memory analysis, and cloud services forensics and analysis
    • You will closely collaborate with peers on the Consulting Security Services (CSS) side and Sales Executives/Business Development Managers on sales initiatives, including responding to RFx and client SOW requests
    • You will provide client-facing support for pre-sales, scoping, and proposal development through to delivery and post-project/incident follow-up
    • You will support the resourcing strategy in conjunction with the Regional Manager and Principal, including participating in recruiting, hiring and managing resource activities of the team supporting the National Forensics and IR Practice
    • You will review, update and formalize processes and work collaboratively with marketing and sales to expand and deliver on new offerings
    • You will engage with clients, information security partners, technology components, business elements, and senior management


You're the missing piece of the puzzle
    • You hold a University degree in a related field
    • You have 10+ years of experience in a consulting services role or a related information technology position
    • You have 5+ years of experience performing in incident response roles that include containment and isolation, forensics, root cause analysis, and remediation
    • You are recognized for your ability to support client engagements from pre-sales (including SOW development, scoping and determining delivery level of effort) through to delivery and post-incident/project follow-up
    • You are sought out for your expertise in producing and leading the development of reports and briefings for senior client executives based on defined engagements
    • You strive to analyze marketplace trends (economic, social, cultural and technological) to identify opportunities and create value propositions
    • You are skilled in providing threat analyses, mitigation/countermeasure recommendations, after-action reports, summaries, and other situational awareness information in areas such as: Perimeter Defense; Malicious Software Analysis; Attack Vector Analysis; Computer Network Defense; Incident Handling; Risk Analysis and Readiness; Strategic Planning Analysis
    • You are known for your ability to provide reactive live incident response including triage, containment, and remediation, with triaging of electronic devices and correlating forensic findings with network events to further develop intrusion narratives
    • You possess hands-on experience with open source threat hunting tools (ELK Stack - Elasticsearch, Logstash, Kibana), malware reverse engineering, and the acquiring and collecting of computer artifacts, malware, user activity and log files
    • You are viewed as being proficient with common cybersecurity management frameworks and industry-leading practices, with hands-on experience applying the MITRE ATT&CK Framework from a detection and prevention perspective, and with cybersecurity governance, risk and compliance functions, threat modeling, identity and access management and cybersecurity operations
    • You are the go-to person for the delivery of proactive incident response risk assessments, incident management program development, and incident management tabletop exercises

    • Ability to work off-hours during evenings, overnight, weekends and holidays as required for senior-level incident response, aiding clients in responding to and recovering from sensitive incidents
    • Fluent bilingualism in reading, writing and speaking both English and French would be an asset
    • Forensics, Incident Response or Infosec certifications (i.e. GREM, GCFA, GNFA, GCFE, OSCP, etc.)
    • Understanding of Forensics and Incident Response Tools, SecOps practices and Investigative Methods
    • Familiarity with different network architectures, network services, operating systems, network devices, development platforms and software suites
    • Familiarity with enterprise firewall administration including installation, maintenance, and rule management
    • Familiarity with Windows server and workstation hardening through configuration and host-based security software (e.g. host-based firewalls, antimalware, application whitelisting)
    • Familiarity with administration of centralized logging tools and/or Security Information and Event Management Systems (SIEMs)
    • Experience sifting through the following technologies for evidence:
      • Windows disk and memory forensics
      • Network Security Monitoring (NSM), network traffic analysis, and log analysis
      • Unix or Linux disk and memory forensics
      • Static and dynamic malware analysis

Who is TELUS?

We're a high-performing team of individuals who collectively make TELUS one of the leading telecommunications companies in Canada. Our competitive consumer offerings include wireline, wireless, internet and Optik TV™. We also deliver a compelling range of products and services for small, medium and large businesses; and have carved out a leadership position in the health, energy, finance and public sector markets with innovative industry specific solutions.

Everyone belongs at TELUS. It doesn't matter who you are, what you do or how you do it, at TELUS, your unique contribution and talents will be valued and respected. Because the more diverse perspectives we have the more likely we are to crack the code on what our customers want and our communities need.

Do you share our passion?

At TELUS, you create future friendly ® possibilities.

At TELUS, we are committed to diversity and equitable access to employment opportunities based on ability.
Management and Executive

About Telus

TELUS (TSX: T, NYSE: TU) is Canada’s fastest-growing national telecommunications company, with $12.3 billion of annual revenue and 13.9 million customer connections, including 8.4 million wireless ...

10,000+ employees