REsum1 - Mahesh3535/MYrep GitHub Wiki
The security analyst will contribute to ongoing cybersecurity operations and assist in expanding IT security capabilities. The preferred candidate possesses a blend of security competencies, creative thinking and effective communication skills that will enable the individual to contribute in a dynamic, rapidly changing environment.
Key Responsibilities:
- Response to security alerts, incidents and initiatives as they pertain to the ongoing daily activities of the global Cybersecurity Operations team.
- Participation in the operations on-call and escalation teams for tickets, incidents or security tool troubleshooting.
- Perform security event monitoring and analysis of potential vulnerabilities and alerts from detection systems.
- Help to prioritize impactful threats through threat intel review and security advisory monitoring.
- Assist with vulnerability scanning, management and tuning of endpoint security tools, and developing detection techniques to refine security systems.
- Collaborate with internal and external stakeholders on projects and initiatives to advance the security roadmap.

Key Competencies:
- 2 years of relevant and progressive personal or professional experience in Cyber Security and/or Information Technology.
- Bachelor's degree in MIS / Information Technology / Cyber Security, a related field, or the equivalent education and/or experience.
- Experience with common endpoint and network security (intrusion detection, IDS\IPS, firewall technologies, anti-virus and endpoint logging technologies).
- Experience monitoring threat intel and prioritizing impactful threats based on an environment's exposure.
- Familiarity with common network, system and web application attack vectors and related mitigation strategies.
- Fundamental knowledge of network and web protocols.
- Experience using network, web and mobile application vulnerability scanners and an ability to analyze scan reports.
- Ability to work independently, as a key contributor to the IT security team, and participate in cross-functional teams.
- Ability to identify and propose solutions that improve security capabilities and drive operational efficiencies.
- Effective communication skills and the ability to independently manage small projects.
- Experience with advanced cybersecurity technologies and cloud application\SaaS security or secure SDLC (CI\CD) methods is considered a huge plus.
- Any industry standard security certifications considered a plus.
- Ability to drive automation through scripting capabilities using Python and PowerShell considered a plus.
=============================
Operational Management
- Identify network and system security vulnerabilities, investigate and report the severity of the vulnerability, and facilitate the activities required to resolve the issues.
- Track and communicate remediation steps to resolve security issues to the teams involved.
- Conduct various audits, including of user accounts, permissions, and access rights.
- Monitor system logs (server, firewall, IDS/IPS, etc.) and network traffic for unusual or suspicious activity. Interpret activity, identify threats, and make recommendations.
- Work with Ops and IT Teams to maintain up-to-date and secure configurations and baselines (core images, GPOs, etc.) for all in-place devices, whether they be under direct control (i.e. security tools) or not (e.g. workstations, servers, network devices).
- Work with the Managed Security Service Provider (MSSP) to ensure accurate, complete and continuous logging of all enterprise devices (servers, network, and security appliances).
- Act as Level 1 incident response for issues escalated by the MSSP, vendors, or internal customers.

Acquisition & Deployment
- Maintain up-to-date knowledge of trends in the Security Industry, including awareness of new or revised security solutions, improved security processes and best practices, and the development of new attacks, exploits, and threat vectors.
- Recommend additional products or enhancements to existing security solutions to improve overall enterprise security posture.
- Document and implement the deployment, integration, and initial configuration of all new security solutions and/or enhancements to existing security solutions, following enterprise standard operating procedures (SOP) and industry best practices.

Strategy & Planning
- Participate in the planning and design of enterprise security architecture, under the direction of Operations Management, where appropriate.
- Participate in the creation of enterprise security documentation (policies, standards, baselines, guidelines, and procedures) under the direction of the Information Security Officer, where appropriate.
===============================================
Responsibilities
- Using specialized tools, review alerts generated by intrusion detection systems as well as logs produced by multiple types of systems.
- Open and track incidents based on suspicious alerts and/or logs in accordance with the intervention protocol of each client.
- Track vulnerabilities found on the infrastructure of clients using our vulnerability detection systems, and assist with the identification and recommendation of solutions related to the scheduling of the scans.
- Monitor the networks of clients using our remote monitoring and intrusion detection infrastructure, ensure the availability of said infrastructure, and recommend solutions that would improve the security posture of the clients.
- Produce the required monthly reports.
- Answer and respond to calls for support.
- Contribute to the evaluation of our intrusion detection systems in the pre-production environment in order to identify and report anomalies and/or to suggest improvements to the remote monitoring solution.
- Other duties related to the position or according to emerging business needs.
- Support incident response and malware analysis occurring in client environments.
- Support fine tuning and correlation rule creation under instruction from the ISS or Senior ISA.
===========================================================
Key Responsibilities
- Operate security systems, including intrusion detection systems, web access and messaging gateway filters, endpoint protection software, network access control systems, PKI, etc.
- Triage and respond to trouble tickets.
- Monitor logs and network traffic for unusual or suspicious activity. Interpret activity and make recommendations for resolution.
- Identify potential internal and external threats.
- Participate in security incident response efforts by, amongst other things, having an in-depth knowledge of common security exploits, vulnerabilities and countermeasures.
- Serve as a technical resource within Information Security projects.
- Keep current with emerging security alerts and issues.
- Develop and maintain security documentation.

Requirements
- College or University degree in Information Security or a related area.
- Relevant information security certifications are highly desirable.
- Minimum of 2 years of experience in Information Technology.
- Minimum of 1 year of experience in administering Information Security controls.
- Experience with SIEM technologies and other security technologies.
- Ability to balance security requirements with enabling the business.
- Strong customer/client focus with the ability to manage expectations appropriately, provide a superior customer/client experience, and build long-term relationships.
- High level of analytical and problem-solving skills.
- Strong interpersonal and oral and written communication skills.
- Ability to conduct research into security issues and new products as required.
- A team player.
- English is essential. Bilingualism is an asset.
Your responsibilities will include:
- supporting the security assessment of Layer 3 network security architectures, including firewalls, routers, proxies and Demilitarized Zones (DMZ)
- leading the entire incident response by providing advanced security incident analysis, recommending containment and remediation actions, performing independent analysis of security events, and reporting identified incidents to Incident Handling (IH)
- working closely with Security Operations management to develop and enhance the ongoing security operation strategy
- identifying threats and developing suitable defense measures, evaluating system changes for security implications, recommending enhancements, and researching and drafting cyber security reports and white papers
- providing first-class support to the cyber security operations staff when resolving technical and often challenging cyber security issues
- providing targeted attack detection and analysis, including the development of custom signatures, log queries and analytics for the identification of targeted attacks
- proactively monitoring SOC-provided tools
- performing initial analysis, identification, remediation actions, and supporting documentation of network intrusions and computer system compromises
- configuring Windows and Linux host-based security, as well as network and cloud-based security systems
- observing and responding to Intrusion Detection System (IDS) cues and anti-malware alerts
- updating, sustaining and administering a high level of security for in-house security infrastructures
- running vulnerability evaluation and fuzzing protocols for hardware and software
===================================================
What You'll Do
- Conduct information security investigations and breach management activities, utilizing approved processes and techniques on electronic audits and security log review, and to gather forensic evidence.
- Maintain clear, concise, objective and complete documentation regarding all details of information security breaches and investigations to ensure that actions taken to contain and remediate these events are formally recorded.
- Monitor and maintain security tracking tools and associated databases, and prepare reports and presentations on metrics and risk trends.
- Conduct security, vulnerability, and risk assessments related to the information security features of the systems, networks, and related administrative activities. Develop reports and recommend mitigation strategies where necessary.
- Respond to and manage customer security-related requests based on risk and urgency analysis to ensure appropriate prioritization and timely response to high priority events.
- Coordinate completion of remediation activities for security incidents in collaboration with technical teams within Technology Services and Client representatives.
- Liaise with the Information Access and Privacy department on security assessments, audits and investigations, as required.
- Actively participate on internal and external committees, as required.
- Provide day-to-day guidance and direction, both verbally and in writing, to internal staff, customers and management on information security processes, policy, standards and best practices.
- Consult on the development of policies and procedures, and the implementation of security controls.
- Promote good security practices and a culture of information security awareness.
- Analyze complex information through acute problem-solving to manage and investigate security incidents. Develop reports, action plans, and response communication on mitigation strategies.
- Monitor and interpret security alerts generated by security monitoring systems to ensure appropriate and timely response to security-related incidents.
- Perform other related duties as assigned.