Ranked a Best Employer in Canada for 23 years, Bennett Jones is one of Canada’s premier business law firms and home to lawyers and business advisors. With deep experience in complex transactions and litigation matters, and offices in Calgary, Edmonton, Montréal, Ottawa, Toronto, Vancouver and New York, the firm is well equipped to advise businesses and investors with Canadian ventures and connect Canadian businesses and investors with opportunities around the world. Serving clients since , we are proud to be the firm that businesses trust with their most complex legal matters.
We are currently recruiting for the following role :
Senior Security Analyst
Essential Functions :
- Conducting daily security operations activities, by : Reviewing security alerts from various tools (Antimalware, EDR, Network security, SIEM, DLP, Web filtering, etc.). Reviewing security requests from users or other IT teams Performing in-depth analysis of security events or requests, to confirm root cause (alerts), business need (requests), technical details, and risk level. Making security recommendations
- Maintaining security tools to ensure they are properly running on all hosts, and up to date with the latest engine version and threat definitions. This includes : Verifying compliance with the established Firm's standards Troubleshooting health issues Properly documenting, testing, and planning changes
- Communicating with internal and external stakeholders, as required to gather information when conducting security investigations, or managing security projects.
- Maintaining compliance with ISO / 2 by : Making suggestions to improve Standard Operating Procedures (SOPs) for daily security operations, existing security procedures, processes, and security solutions in place, as well as the overall security posture of the Firm. Performing internal audits as directed Preparing regular metrics and reports for security operations and projects
Qualifications :
Bachelor’s degree in computer science, Computer Engineering, Information Security, or related fieldsMinimum three years’ experience of technical information security operations, including :Responding to security alerts and security requests such as : suspicious emails, malware detection, suspicious network traffic, or failed authenticationsAdministration of information security tools, including antimalware, EDR, network security, vulnerability scanning, DLP, and cloud securityWorking in an ISO certified environment and participating in security governance activities, with the development, implementation and operations of information security policies and proceduresMinimum five years of IT and security experience with exposure to a broad range of security topics and technologies, Microsoft ecosystem (Windows domain, Servers, SQL databases, Windows 10 / 11, etc.), Cloud security, Network security, IT project management, etc.Required Skills and Abilities
Up to date knowledge of existing and emerging threats, with a fair understanding of common attack vectors, such as malware behavior, botnet architecture, vulnerabilities exploits, the landscape of cyber criminals, Advanced Persistent Attacks (APT), and the motive and methods of attack of cyber-criminalsStrong analytical and technical abilities to understand how security solutions work, to investigate security alerts, and to conduct security projects.Ability to properly assess information security risks, to provide relevant recommendations, and to clearly present and explain security risks and related recommendations.Hands-on experience managing and supporting antimalware, endpoint, and network security tools, such as : Windows Defender, McAfee, ESET, Crowdstrike, SentinelOne, Vectra network, Darktrace, etc.In-depth knowledge and understanding of Windows 10 / 11 operating systems, Windows domain, as well as Internet and networking principle and protocols.Outstanding oral and written communication skillsExcellent interpersonal relationship skillsHigh-level of attention to detail and accuracyHigh degree of personal initiative and maturity with an ability to work with minimal supervision.Ability to prioritize tasks effectively, to respect deadlines, as well as to report any issues or conflict in the performance of operational activities, and the planning and scheduling of tasks and projects.Professional Security Certifications as follows are an asset.
SANS / GIAC, CompTIA Security+, CEHCISSP, CISA, CISM, CRISC