Information Security Analyst

Information Security Analyst

The Information Security Analyst is responsible for the identification, investigation and resolution of security events across networks and Cloud environments; as well as for conducting vulnerability audits and taking timely action to remediate findings. They are involved in the design, configuration and implementation of security solutions. They are also accountable for the creation and maintenance of standards, baselines, guidelines and procedures. The Information Security Analyst will function as part of the security team and enjoys working with minimal supervision.

RESPONSIBILITIES

• Identification, investigation and resolution of security events
• Design, configuration and implementation of security solutions.
• Supporting security audits and managing the remediation of identified vulnerabilities.
• Creation and maintenance of standards, baselines, guidelines and procedures.
• Taking adequate and timely action to enhance the security posture of the organization
• Work with Managed Security Services Providers to manage the security configuration and operation of managed security technologies; respond in a timely matter to escalated security incidents and work with external and/or internal stakeholders to provide timely resolution.
• Review or oversee the monitoring of logs and reports of existing systems; interpret the implications of identified activity and devise plans for appropriate resolution.
• Participate in the design and execution of vulnerability assessments, penetration tests, security audits, and remediation of identified vulnerabilities.
• Participate in the planning and design of enterprise security architecture; maintain and improve configurations of security solutions for efficient and appropriate operations.
• Participate in the creation of enterprise Information Security documents (policies, standards, baselines, guidelines and procedures).
• Compile metrics related to the Information Security program, analyze threat trending and develop a mitigation strategy to minimize identified risks.
• Participate in the planning and design of an enterprise Business Continuity Plan and Disaster Recovery Plan
• Recommend new security solutions or enhancements to existing security solutions to improve overall enterprise security posture
• Participate in the deployment, integration and security configuration of new IT solutions and of any enhancements to existing IT solutions in accordance with standard best operating procedures and the enterprise’s security standards.
• Maintain up-to-date baselines for the secure configuration and operations of IT systems.
• Maintain up-to-date detailed knowledge of the Information Security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.

QUALIFICATIONS

• Minimum 5 years of progressive responsibilities in managing information security systems, Incident Response, Vulnerability Management, User awareness training, etc.
• Cloud security working experience in AWS/Azure/GCP will be considered as an asset
• Working knowledge of Cloud Access Security Broker (CASB), Data Loss Prevention (DLP) is an asset
• CISSP and other security certificates will be considered as an asset
• Cloud security, End Point Protection, IPS/IDS, Security Incident and Events Management (SIEM), L7 Firewalls, Privileged Access Management, Encryption, Vulnerability Management, Application Security, Identity and Access management (IAM), etc.
• Strong understanding of TCP/IP, IPSEC, SSL/TLS and other network and encryption protocols.
• Strong understanding of all currently supported Windows operating systems; knowledge of Linux distributions is an asset
• Proven analytical and problem-solving abilities.
• Ability to effectively prioritize and execute tasks in a high-pressure environment.
• Excellent written, oral, and interpersonal communication skills.
• Proven ability to conduct research into Information Security issues and security products as required.
• Proven ability to present ideas in business-friendly and user-friendly language.
• Highly self-motivated; able to work with minimal supervision.
• Keen attention to detail.
• Team-oriented and skilled in working within a collaborative environment.

This is a permanent position located in downtown Toronto with an annual salary of $95,000.00 – $105,0000.00 plus bonus.