Information Security Specialist

What you'll do :

• Reporting to the Manager, Security, this position is responsible for providing security input, process controls and expertise with chosen technology, during the development and implementation stages of networks, server applications, cloud services and hardware changes.
• Assist IT staff in the containment and resolution of reported security incidents and coordinates the escalation of security incidents when they occur.
• Collaborates with project managers on critical IT and security projects to ensure that security risks are addressed throughout the project life cycle.
• Works with SCIC's IT department and members of the information security team to identify, select and implement technical and policy controls.
• Assists in the design, evaluation, and implementation of new security technologies.
• Manages relationship with auditors. Receives audit findings, and manages the collection of responses and remediation plans with owners.
• Monitors security logs, native consoles, security information and event management, correlation tools, and other analysis tools that watch for threats, vulnerabilities or environmental changes that affect risk.
• Determine baseline security configuration standards for operating systems and all other networked devices.
• Validates security configurations and access to security infrastructure tools.
• Reports to SCIC's management concerning residual risk, vulnerabilities and other security exposures.
• Provide training regarding security and awareness, to staff on a daily basis as required, or as part of Security and Awareness training plan.
• Stays current with industry standards, trends and developments; provides recommendations to management on security measures to ensure SCIC is adequately managing its IT environments.

Qualifications :

• To be successful in this position you will need the completion of a diploma in Information Security or Computer Science, supplemented by four years’ directly related experience in an information security role, OR a diploma in Information Security or Computer Science, supplemented by 8 years of IT experience with an emphasis on computing and networking infrastructure.
• Completion of industry related certification or accreditation such as CISSP or CCSP is required, or commitment to work towards completion within first year of employment.
• Proficient knowledge in the following areas : Information security best practices, principles, and methodologies. Cloud associated technologies as they relate to security.

Risk management practices and security program development. End user security awareness programs.

Proficient in the following skills : Analyzing and correlating data to identify potential attacks, patterns of attacks, security violations, incidents, and malicious activity.

Evaluating security trends, evolving threats, risks, and vulnerabilities. Scripting (KQL / PowerShell). Documenting incident handling processes as run books.

• Fundamental knowledge of IT systems development life cycle and implementation.
• Written and verbal communication skills, with the ability to explain complex programs, policies, and processes to both technical and non-technical audiences.
• Interpersonal skills, enabling collaboration and influence of other’s actions through explaining and demonstrating needs through technical expertise.
• Proven documentation and mathematical skills.

Competencies :

Service Excellence : Offers support to colleagues and customers that are in distress. Uses customer feedback to make changes in work and personally commits to resolving customer issues.

Builds strong, collaborative and mutually beneficial relationships with customers.

Personal Leadership and Development : Seeks out continuous learning opportunities to further develop skills. Acquires skills needed to continually enhance individual contribution.

Influences others to act in accordance with the organization’s values.

Strategic Thinking : Translates high level and complex information into realistic plans. Commits to achieving success at the team and organizational level.

Ensures that individual objectives reflect the organizational direction.

Decision Making : Identifies and plans for the impacts or implications of decisions in the current and future environment.

Considers the interests of various stakeholders when making a decision. Serves as a role model in making the tough decisions that are needed and doesn’t delay in moving forward.

Innovation : Encourages novel and unique ideas to solve problems. Accepts mistakes or failures as important learning opportunities on the road to success.

Takes action to align the organization with planned changes.

Analytical Thinking : Anticipates how customers, individuals, teams and others will respond or react to situations and develops a plan or information to reduce concerns.

Evaluates the impact of possible outcomes to determine the best possible option. Identifies and breaks down critical components of complex situations to determine root causes.

Team Collaboration : Builds cooperation and communication between multiple teams, recognizing when teams could work together for improved success.

Capitalizes on the strengths and skill sets of team members by aligning tasks with individual strengths. Seeks the opinion of others when developing solutions.

Building Organizational Community : Works toward solutions that all team members can support. Ensures cross-team collaboration for organizational effectiveness.

Serves as a personal model of the change that is expected of others.

Communication : Communicates complex issues clearly and with credibility. Uses open-ended questions, active listening and dialogue to encourage others to provide information about underlying needs or issues.

Responds to audiences needs by modifying the approach, content or format of the communication.

Accountability : Recognizes and celebrates successful individual and team outcomes. Seeks and / or provides challenging assignments as learning opportunities.

Strives for excellence in personal performance and coaches others to perform at their best.

Performance Management : Demonstrates an in-depth knowledge and understanding of business planning, accountability practices and systems management.

Assigns the appropriate authority for resource management. Ensures policies and processes are up-to-date and most efficient.

Planning and Risk Management : Continually adapts priorities and responsibilities in response to changing needs. Establishes internal controls, within own work unit / team, to detect problems or issues as they occur and make necessary corrections.

Thinks ahead, evaluates risks and plans contingencies.