IT - Application & Software Development
Dec 16, 2018
Our client, a leading education institution in Barrie, is looking for an IT Security Analyst to join the team. The position is to take a lead role in critical and complex intra and inter-organizational projects requiring high levels of coordination and an extreme breadth of knowledge.
What’s in it for you?
Our client is located in Barrie and offers a competitive compensation & employee benefits plan. At the same time, our client empowers its teams to harness new ideas, and allows staff unleash their imaginations to create innovative products and services to improve services and respond to customer needs.
- Designs, builds and maintains a Security Information and Event Management (SIEM) system in accordance with industry and chosen vendor best practices
- Identifies and implements key monitoring security metrics, develops SIEM macros and alerts, and continuously monitors network, system and application vulnerabilities and threats
- Works with threat intelligence service providers to monitor intelligence and to optimize SIEM and security technologies capabilities, efficiencies and effectiveness
- Monitors and continually fine-tunes advanced threat detection technology policies and practices in accordance with current threats and best practices
- Maintains system baseline security configurations and then coordinates, schedules, and undertakes ongoing vulnerability assessment (VA) to ensure that all systems (e.g. PCI systems, application servers, web farms) receive regular and routine security assessment and remediation as required
- Coordinates, schedules, and undertakes an ongoing technical penetration testing (PT) program to ensure that all high value and high risk systems receive regular and routine penetration testing assessment and remediation as required, particularly to meet mandatory compliance requirements
- Tracks, reports on and remediates vulnerabilities and system weaknesses by working collaboratively with IT Infrastructure and other technical staff
- Maintains VA and PT technologies with current configurations and makes enhancement acquisition recommendations
- Provides regular status reports related to SIEM, VA and PT activity to the Manager, Information Technology Security, system owners, management and other stakeholders
- Develops and maintains cyber incident response practices and procedures
- Successfully completed a three year diploma / degree in a relevant field of study that may include, but is not limited to Information Technology, Information Systems, or Engineering
- Certified Information System Security Professional (CISSP) or Systems Security Certified Practitioner (SSCP) or Certified Cyber Forensics Professional (CCFP) certification is required
- Five years’ experience in a similar position where duties included participating in threat and risk assessment and privacy impact assessment processes
- Experience applying PCI DSS standards as well as related payment card environments, security architecture and compliance process