Analyst, IT Security
Toronto, Ontario
Who We Are: BentallGreenOak is a leading, global real estate investment management advisor and a globally-recognized provider of real estate services. BentallGreenOak serves the interests of more than 750 institutional clients with expertise in the asset management of office, industrial, multi-residential, retail and hospitality property across the globe. BentallGreenOak has offices in 27 cities across thirteen countries with deep, local knowledge, experience, and extensive networks in the regions where we invest in and manage real estate assets on behalf of our clients in primary, secondary and co-investment markets. BentallGreenOak is a part of SLC Management, which is the institutional alternatives and traditional asset management business of Sun Life.
For more information, please visit www.bentallgreenoak.com.
BentallGreenOak promotes a corporate culture that attracts and retains the highest caliber people. We encourage opportunities for growth, development, and promotion by providing our employees with the resources to work effectively and continually strive to perform better. We are committed to a safe and sustainable work environment.
The Opportunity
As Analyst, IT Security, you will support organization-wide Cyber security management. The role is integral in ensuring the successful execution of key strategic priorities, partnering across global business lines to refine/adapt strategic objectives, drive quality execution of projects, and monitor, measure and communicate results to a very senior audience.
Information Security
What You Will Do:
- Oversee compliance and privileged users’ activities reporting
- Administer, troubleshoot, and tune the security solutions implemented to ensure effective and efficient operations
- Monitor risk mitigation and coordinate policy and controls to ensure owners are taking effective remediation steps
- Own the vulnerability management solution to identify and report both external and internal information security vulnerabilities
- Minimize security threats by examining infrastructure and devices, identifying security flaws, and using control analysis to follow up with a prompt solution
- Enforce security policies and procedures by administering and monitoring security profiles, reviewing security violation reports, investigating possible security exceptions, and updating, maintaining, and documenting security controls
- Participate and contribute in BGO projects as a representative of the IT security team throughout the project lifecycle
- Implement new Security solutions under projects in collaboration with senior members
- Support the security assessments to compare previous and current risk performance
Security Awareness
- Lead development and delivery of corporate security awareness campaign
Security Operation
- Maintain operational configurations of all in-place security solutions as per the established baselines (Anti malware, Web filtering, Privileged access management, vulnerability management, IPS /IDS ,FW, etc.)
- Work closely with other team members, technical / team leads/management, specialized IT areas and application support teams to ensure consistent delivery and quality of security services
- Update security operations processes and procedures
- Management of SIEM solution and act as first line incident handler
Who You Are
- Hold a College / BS degree in Computer Science or similar technical field of study
- 3 to 5 years information security experience, preferably in a financial services / investment management / real estate environment
- Security and privacy certifications preferred (CEH, SCCP, GCIAH)
- Knowledge of information security regulatory and legal requirements applicable to investment management
- Knowledge of security and control frameworks such as NIST, COBIT, and ISO 2700
- Strong analytical and problem-solving skills
- Strong knowledge in Information Protection/ IT security principles, procedures, and tools
- Understanding of risk management frameworks (e.g. ISO 27001-2013, NIST)
- Experience in vulnerability scanning tools (e.g. Rapid7, Qualys, Nessus)
- Good understanding in security configuration of Microsoft Active directory, Office 365, Microsoft Azure
- Experience in Privilege access management solutions
- Experience in Security awareness training and phishing test campaign
- Working knowledge of a variety of security technologies in areas of: End Point Protection, IPS/IDS, Malware Protection (Network), SIEM, L7 Firewalls, Digital Certificates, Patch Management, URL filtering, Identity and Access management (IAM), etc.
- Strong understanding of TCP/IP, IPSec, SSL/TLS and other network and encryption protocols
- Strong understanding of all currently supported Windows operating systems
- Proven ability to conduct research into Information Security issues and security products as required
- Able to deal with high priority incidents and critical situations (e.g., spam waves, virus outbreaks)
- Auditing and monitoring the mechanisms, tools, and facilities to permit the identification of security events and to assess operations security capacity
- Proven ability to present ideas in business-friendly and user-friendly language
- Strong track record of executing on and documenting results of security initiatives for a global organization
- Understanding of information security regulatory and legal requirements
- Understanding of security audit requirements
- Strong organizational skills, with the ability to prioritize tasks
- International experience, understanding the complexity of providing technical infrastructure for a global organization
- Ability to work under pressure
- Ability to quickly source and remediate newly identified risks or threats to our technical environment
- Ability to write reports and business correspondence and to effectively present information and respond to questions from groups of managers, clients, customers, and the general public
We thank all applicants for their interest in employment with BentallGreenOak (Canada) LP, however only those selected for an interview will be contacted.
At BGO, we recognize that each employee’s unique experiences, perspectives, and viewpoints strengthen our ability to create and deliver the best value to our clients, partners, and stakeholders/investors. Therefore, we strongly encourage applicants of all genders, ages, ethnicities, cultures, abilities, sexual orientations, and life experiences to apply to our career opportunities.
BentallGreenOak is committed to equitable hiring practices, and we welcome the opportunity to discuss accommodation and ensure fairness and equity in our hiring process. We can support any accommodation, please email us at accessibility@bentallgreenoak.com and include: Job posting number, your name and your preferred method of contact.