Information Security Analyst
canada Head Office
We’re looking for an Information Security Analyst to join our infrastructure team. As a team member, you will assist with the design, implementation, configuration, and integration of security technical controls. An Information Security Analyst is responsible for performing security related audits, assessments, operations, administration, and maintenance of enterprise information security solutions as well security activities and functions including monitoring, triaging, and investigation of security events and incidents.
You can think like a customer, make sound decisions, overcome hurdles, follow through on commitments, have a thirst for learning, and bring a positive attitude while working in a team environment.
- Analyze IT Security risks/vulnerabilities and implement security controls, including deployment and maintenance of security and compliance tools, such as SIEM, Endpoint Solutions, DLP, Vulnerability Management technologies
- Provide security event monitoring and incident management support
- Actively participate in the research of trends and current countermeasures for cybersecurity vulnerabilities, exploits, and other malicious activity
- Perform analysis, validation, and business-aligned remediation recommendations for emerging threats
- Participate in day-to-day security operations primarily focused on protecting against data breaches, exploits, threats, and malicious attacks. Coordinate the evaluation, deployment, and management of current and future security technologies
- Work with the Information Security Officer to develop policies and procedures
- Manage the administration and maintenance of all security systems and their corresponding or associated software
- Plan, implement, coordinate, monitor, and evaluate all assigned systems, operations, functions, services, and any third-party tools related to securing the company’s computer systems, servers, data, and network connections
Technical Skills Required
- Deep understanding of secure configuration management, antivirus/spyware/malware, intrusion prevention, physical security of IT Assets, network segmentation/isolation, firewall and web application firewall administration, network infrastructure, event management
- Deep understanding of Data Loss Prevention (DLP), Whole Disk Encryption, IT Asset Monitoring, Data protection and disposal, email and web filtering, Security Event Monitoring
- Strong foundation in IT security policy, standards, guidelines, and procedures
- Strong foundation in Incident Response, including root cause analysis of critical security events for improving preventative and reactive processes
Non-Technical Skills Required
- Analytical and process-oriented, with a proven track record of driving decisions collaboratively, resolving conflicts and ensuring follow-through
- Managing expectations to ensure operational efficiency and support for IT security infrastructure
- Problem-solving mentality leveraging internal and external resources
- Exceptional verbal and written communication
- Bachelor’s degree in computer science or related
- 5+ years of system security administration and support
- 5+ years of deploying, integrating and configuration technical security controls.
- 5+ years of implementing vulnerability management, security log management, and access management systems
- Certified Information Systems Security Professional (CISSP), Systems Security Certified Practitioner (SSCP), Certified Cloud Security Professional (CCSP), Certified Ethical Hacker (CEH), or other information security certifications preferred.
- Information Security Risk Analyst, Cyber Security Analyst, Security Compliance Analyst