Who we are
Founded in 2002, Zafin offers a SaaS product and pricing platform that simplifies core modernization for top banks worldwide. Our platform enables business users to work collaboratively to design and manage pricing, products, and packages, while technologists streamline core banking systems.
With Zafin, banks accelerate time to market for new products and offers while lowering the cost of change and achieving tangible business and risk outcomes. The Zafin platform increases business agility while enabling personalized pricing and dynamic responses to evolving customer and market needs.
Zafin is headquartered in Vancouver, Canada, with offices and customers around the globe including ING, CIBC, HSBC, Wells Fargo, PNC, and ANZ. Zafin is proud to be recognized as a top employer and certified Great Place to Work® in Canada, India and the UK.
What is the opportunity?
Zafin is seeking a detail-oriented and proactive Security Analyst to join our dynamic security operations team. This role will be pivotal in monitoring, detecting, and responding to security incidents across various environments including Microsoft Sentinel and Extended Detection & Response (XDR). The candidate will be responsible for optimizing security tools, performing threat hunting, and ensuring robust cybersecurity incident management processes. You will collaborate with other security and IT teams to enhance our incident detection and response capabilities, thereby contributing to a stronger, more resilient cybersecurity posture.
What will you do?
Monitoring and Incident Response:
Although the initial triage and mitigation are managed by the Managed SOC, the Security Analyst will take responsibility for further investigation and response. They will analyze security alerts generated by Microsoft Sentinel, XDR, and other security tools, focusing on incidents requiring deeper scrutiny or escalation. The analyst will perform root cause analysis of security incidents, assess their impact, and implement additional containment and remediation measures as needed. By working closely with the Managed SOC team, they will ensure a smooth handover of incidents, allowing them to handle complex cases that require a hands-on approach to resolution.
Threat Hunting and Anomaly Detection:
The Security Analyst will be actively engaged in proactive threat hunting and anomaly detection across the organization’s systems. Using data from Microsoft Sentinel, XDR, and other security tools, they will search for undetected threats, analyzing logs and activities to identify indicators of compromise (IOCs). They will also incorporate threat intelligence to stay ahead of emerging threats, conducting in-depth malware analysis and identifying patterns indicative of potential attacks. These proactive activities will help the organization mitigate risks before they escalate into full-blown incidents.
Security Tool Optimization and Maintenance:
The Security Analyst will be responsible for optimizing and maintaining the organization's security tools, including Microsoft Sentinel and XDR. Their duties will include refining detection rules, improving alerting mechanisms, and ensuring that the security monitoring systems remain efficient and effective. They will conduct regular health checks on these tools, ensuring they are fully operational and capable of detecting the latest threats. This continuous optimization will enhance the tools' accuracy, reduce false positives, and improve the overall quality of security alerts.
Development and Improvement of Playbooks:
The Security Analyst will play a key role in developing and refining cyber incident response playbooks. These playbooks will guide the organization in responding to security incidents, particularly after initial triage by the Managed SOC. The Analyst will ensure that the playbooks are continuously updated based on new attack vectors and post-incident feedback. By improving and updating these playbooks, the analyst will contribute to a more effective and efficient incident response process.
Collaboration and Query Analysis:
The Security Analyst will collaborate with teams such as the Managed SOC, IT, DevOps, and others to ensure the timely and effective resolution of security incidents. In addition, they will run custom queries within Microsoft Sentinel and other security tools to investigate incidents more thoroughly. These queries will provide deeper insights into potential threats, enabling the analyst to extract meaningful data for further analysis. By sharing their findings and recommendations with the broader security team, they will contribute to refining detection rules and improving the organization’s overall security posture.
Experience: Minimum 2 years in IT Security
Certifications: CEH, CompTIA+ Security, or equivalent; relevant vendor certifications.
Microsoft/Azure Security Certifications
Azure/Microsoft 365
Experience working on Microsoft Sentinel
Minimum Required Behavioural / Soft Skills
Critical Thinking, Ability to analyze complex situations, make sound judgments, and take decisive actions in high-pressure situations.
What’s in it for you
Joining our team means being part of a culture that values diversity, teamwork, and high-quality work. We offer competitive salaries, annual bonus potential, generous paid time off, paid volunteering days, wellness benefits, and robust opportunities for professional growth and career advancement. Want to learn more about what you can look forward to during your career with us? Visit our careers site and our openings: zafin.com/careers
Zafin welcomes and encourages applications from people with disabilities. Accommodations are available on request for candidates taking part in all aspects of the selection process.
Zafin is committed to protecting the privacy and security of the personal information collected from all applicants throughout the recruitment process. The methods by which Zafin contains, uses, stores, handles, retains, or discloses applicant information can be accessed by reviewing Zafin’s privacy policy at https://zafin.com/privacy-notice/. By submitting a job application, you confirm that you agree to the processing of your personal data by Zafin described in the candidate privacy notice.