POSITION SUMMARY
As a part of the Information Security team and reporting to the Supervisor Information Security, the Security Analyst is responsible for maintaining and enhancing the organization’s security posture. The position involves day-to-day operation and maintenance of security hardware and software, and investigating and responding to security alerts and incidents in collaboration with the IT incident response team. The Security Analyst will create documentation for security investigations and security management, scan for and remediate vulnerabilities across networks, endpoints, and cloud services, and conduct assessments of new vendors, software, and hardware. The role answers security-related questions from users, stays updated on new and evolving threats, and recommends updated security measures as required.
The Security Analyst will support IT teams with security-related tasks, work towards the goals of the Information Security program, assist with legislative and external compliance, and collaborate with internal and external stakeholders.
DUTIES AND RESPONSIBILITIES (not listed in order of priority)
1. Monitor and maintain deployed security software and hardware.
2. Investigate and respond to alerts from deployed security and monitoring software, SIEM, and SOC.
3. Develop and document repeatable processes for security-related investigations, configuration, and system management activities.
4. Work as part of the Information Technology incident response team and respond to IT and security incidents as required.
5. Scan networks, endpoints, and cloud services for vulnerabilities and monitor remediation efforts.
6. Create and maintain scripts and automation for repeatable tasks.
7. Conduct vulnerability assessments of new vendors, software, and hardware.
8. Answer questions and provide training to users on security topics.
9. Keep up-to-date on new and evolving threats and provide recommendations for patching, configuration changes, and new security controls.
10. Provide support to IT teams for security-related tasks.
11. Work as part of the Information Security team towards identified goals of the Information Security program.
12. Collaborate with internal and external stakeholders to assist with required legislative and external compliance.
13. Provide research, evaluation, and recommendations for new IT security solutions and threat countermeasures.
14. Direct information security projects for deployment, configuration, testing, and documentation of new IT security solutions, including hardware and software.
15. Perform other duties as assigned, including redeployment in emergency situations.
16. Comply with provincial and County occupational health and safety legislation, regulations, policies and procedures.
17. Maintain confidentiality in accordance with the Municipal Freedom of Information and Protection of Privacy Act.
CORPORATE COMPETENCIES
Has knowledge of and demonstrated ability in our corporate competencies:
• Acts with the Customer in Mind
• Ensures Accountability
• Continuously Seeks to Improve Work Processes
• Collaborates
• Communicates with Impact
• Is Resilient
EDUCATION, TECHNICAL SKILLS AND CERTIFICATION
• Understanding of information technology and information security achieved through a three-year post-secondary diploma in Information Technology, Information Security. This job may be considered for educational equivalency in accordance with County Policy.
• Security-related industry-standard certifications such as CompTIA Security+, CompTIA CySA+, EC-Council CSA, and ISC2 CC are a benefit.
• General understanding of information technology topics including networking, operating systems, hardware and software management.
• Problem solving and critical thinking skills to diagnose problems and determine steps necessary to achieve an effective solution.
• Ability to communicate effectively to users with varying levels of computer understanding. Ability to translate complicated technical language into layperson terms for training purposes.
• Ability to work effectively with constant interruptions; ability to work simultaneously on several projects independently and to use good judgment in determining priorities.
• Technical writing skills required to document systems procedures and prepare reports.
• Relevant experience supporting a production environment, support management and continuous improvement.
• Valid G class driver's license and access to a reliable vehicle.
• Criminal records check that is less than 6 months old at time of hire.
EXPERIENCE
• Four (4) years of experience in the information technology field in information security, network administration, systems administration, or help desk roles.
• Experience working in a large, complex technical environment with a wide range of infrastructure.
EFFORT
• No physical effort of note is associated with this position.
• Significant mental effort required for systems analysis and design, diagnosing system failures, and managing various tasks on multiple projects simultaneously.
WORKING CONDITIONS
• Typical office environment.
• Required to participate in an on-call rotation schedule.
• May be required to attend the workplace or log in from outside the workplace during evenings, nights, or weekends for incident response and problem resolution.
• Ability to work remotely if required.