Security Ops Analyst

Insurance Corporation of British ColumbiaNorth Vancouver, BC
Hybrid

About The Position

This is an Internal ICBC job posting for applicants within the bargaining unit. ICBC is committed to delivering consistently high-quality customer service to all British Columbians. If you are reliable and dependable, love to think outside of the box and have a growth mindset, we welcome you to apply for this exciting opportunity. Reporting to the Manager of IT Security, the Security Operations Analyst (SOA), as part of a team, will support ICBC’s cybersecurity functions (detection, monitoring and response) and become a technical and cybersecurity leader. You will work closely with ICBC’s Information Risk Management, Platform teams, Application teams and a Managed Security Operations Center. The SOA is responsible for delivery and continuous improvement of IT cybersecurity functions using ITIL principles and alignment to ISO 27001 controls, alignment to ISO 27001 controls, CIS controls, and NIST.

Requirements

  • Two (2) years’ experience in a large, complex IT environment, with a preference of at least one (1) year in cybersecurity (in a Security Operations Center).
  • Demonstrated solid knowledge, strong skills, and practical experience of: Various incident response stages, controls, processes, procedures, and playbooks.
  • MITRE ATT&CK and Cyber kill-chain frameworks and applying their techniques, tactics and procedures in dynamic IT environment.
  • SIEM, SOAR, UEBA and EDR technologies, vulnerability management tools and network monitoring applications.
  • Analyzing, interpreting technical logs and data to identify event or incident root cause(s).
  • File and host investigation techniques.
  • Cybersecurity and privacy principles and risks preferably in relation to NIST framework and CIS controls.
  • Communicating effectively, explaining, and documenting technical details clearly and concisely.
  • Troubleshooting and applying analytical thinking skills.
  • Staying on top of the latest cybersecurity research and cyberattacks.

Nice To Haves

  • A demonstrated continuous education and/or completion of relevant cybersecurity certifications is desirable but not required.
  • Scripting or programming languages such as Python, PowerShell, Bash, SQL etc. would be desirable.
  • Basic network protocols, network layers and potential attacks occurring at different levels of the network stack would be advantage.
  • Cybersecurity related certification holder such as SC-200, Comptia Security+, etc. is preferred.

Responsibilities

  • Identifying, triaging and investigating cybersecurity events and incidents end-to-end, including response, escalation, and resolution with end users.
  • Working independently and collaboratively with IT teams to proactively recognize any potential intrusion attempt and compromises through correlation analysis of relevant IOCs, event details and threat intelligence sources.
  • Providing mitigation and remediation support in response to identified cyber threats.
  • Actively contributing to the development of Security Operations Center (SOC) architecture, standards, methodologies, techniques, processes, and technical playbooks.
  • Effectively using and improving SOC technologies (network data, endpoint and application) and SOC automation.
  • Actively enhancing detection rules and technical capabilities of the SOC toolkit to optimize and tune alerts, minimize false positives, correlation, and parsing issues.
  • Providing oversight to the compliance of ICBC systems with respect to vulnerabilities and patching.
  • Continuously contributing to and improving IT cybersecurity metrics and reports.
  • Acting as the first point of contact with external and internal stakeholders (business, IT teams, security service providers) to gain their trust and credibility.

Benefits

  • competitive salary
  • comprehensive benefits
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service