Security Operations Analyst

  • Full Time
  • Toronto
  • Posted 2 weeks ago

The opportunity

The Technology Security Analyst is primarily responsible for the implementation, maintenance and monitoring of the security related components and aspects of the corporate infrastructure and software systems. This is to be performed in accordance with certification, compliance and security procedures based upon regulatory and corporate standards and policies.

 

Your job

  • Work closely and cooperatively with all technology department teams to ensure effective application and adherence to the corporate security policies and procedures under all circumstances.
  • Accurately manage and audit access to resources, including domain, system, application and network.
  • Participate in the development of mobility device and network security policies.
  • Maintain all SSL certificates.
  • Participates in PCI-DSS and 52-109 projects as a technology resource.
  • Assist with the maintaining, remediation for 52-109 certification requirements and participate with the audit process as requested by the Manager, Technology Operations.
  • Maintain current knowledge of industry, governmental and corporate certifications, standards and policies.
  • Maintain, remediate PCI-DSS certification requirements and participate with the audit process.
  • Lead internal and external security audits and vulnerability testing of all security procedures on a periodic basis and provide recommendations on required adjustments and modifications.
  • Manage WAN and LAN port accessibility and configurations.
  • Implement and maintain systems and controls to monitor all technology systems for unusual behavior or breaches.
  • Respond to security incidents and report on the impact and remediation steps to management.
  • Maintain accurate documentation and schematics of all security flow processes at the system, application accessibility and infrastructure levels.
  • Work with the IT Support team to implement and maintain corporate anti-virus and spam filtering coverage.
  • Participate in the scheduling of all security patches on corporate servers and network related equipment.
  • Actively participate in company’s Safety Management System (SMS) including, reporting hazards and incidents encountered in daily operations; understand, comply and promote the Company Safety Policy.
  • Develop and maintain all remote network access facilities (VPN, RDP, SSL etc.) policies, procedures and control mechanisms and perform routine audit and exception reporting.
  • Participate in and manage the coordination of the local and co-managed firewall installation and configuration.
  • Implement and maintain LAN/WLAN and WAN network security policies, procedures and control mechanisms to be adhered to by the Operations and Support teams while performing exception reporting analysis.
  • Develop and maintain internet access filtering policies and work with the IT Support team to implement and maintain the internet access filtering and controls.
  • Develop and maintain email content filtering policies and work with the IT Support team to implement and maintain email content filtering and controls.
  • Participate in the development of infrastructure, application systems and network security policies.
  • Participate in after hours, on call rotation.
  • Any other duties as assigned.

 

What you need to succeed?

Must-have

  • Bachelor or Master’s Degree in Computer Science or equivalent experience.
  • Technical experience/exposure of 1 year.
  • Highly motivated and willing to take initiative.
  • Excellent analytical skills.
  • Advanced knowledge of networking protocols/principles (i.e. TCP, IP, VPN).
  • Advanced knowledge of wireless protocols including 802.11 B,G & N and all encryption methods.
  • Solid knowledge of cellular technologies.
  • Excellent knowledge of MS-Active Directory.
  • Knowledge of remote access features.
  • Ability to work in a team environment or individually as required.
  • Ability to travel when required (including travel to US destinations).
  • Availability to work off hours (including evenings, weekends and holidays) if necessary.
  • Advanced knowledge of Microsoft server concepts and processes.
  • Solid knowledge of networking concepts and technologies.
  • Strong knowledge of network security concepts and tools.
  • Advanced knowledge of LAN security technologies.
  • Strong understanding of PCI/DSS and 52-109 regulations and other regulatory requirements.
  • Advanced knowledge of Windows operating systems (beginning with XP) and MS office suite 2007.

 

Nice-to-have

  • Penetration testing experience.
  • Amazon Web Services experience.
  • Experience with Configuration Management Tools such as Puppet or Chef.
  • Experience with anti-virus management console and vulnerability scanning tools.
  • Certification in information security disciplines.

 

What’s in it for you?

  • Paid overtime hours.
  • Work remote 1-2 days a week.
  • Leaders who support your development through coaching and managing opportunities.
  • Opportunity to make a difference and lasting impact.
  • Development opportunity.
  • Discount on flights.
Upload your CV/resume or any other relevant file. Max. file size: 24 MB.