The Technology Security Analyst role builds and supports programs, processes, and applications that secure and protect Client technology and information assets in accordance with Cyber Security Policies. This role is responsible for improving and sustaining the Client’s technology and information security posture, supporting projects and business operations by identifying technology and information security risks and recommending appropriate security controls.
Key Accountabilities:
- Maintains security platforms including Identity and Access Management, End Point Protection, Systems Configuration Management, Deployment Management, and Vulnerability Management systems.
- Performs, documents, and automates processes related to Identity and Access Management, Patch Management, End Point Protection, and vulnerability management.
- Participates in projects as a technical security subject-matter expert, analyzing solutions, processes & infrastructure, and recommending appropriate technical security controls.
- Coordinates technical security activities with business stakeholders, providing information to security governance.
- Provides technical security expertise and support to BCLC’s Agile delivery teams.
- Supports the day-to-day security monitoring of the integrity of systems and infrastructure components.
- Conducts and supports vulnerability management activities.
- Analyzes and identifies information security trends.
- Contributes to the development and maintenance of information security policies, standards and procedures.
- Provides information on system configurations, accounts and information security practices to auditors and regulators.
Minimum Required Qualifications:
- A degree or diploma in computing or equivalent in a related discipline;
- CISSP or CISM certification preferred;
- 3-5 years of progressive experience in technology and information security;
- Experience in managing and maintaining at least one of the following platforms: OneIdentity Active Roles Server, PingIdentity MFA and SSO products, Microsoft Active Directory, Microsoft SCCM, Palo Alto Traps, Entrust mPKI;
- Experience with Security Incident Response is considered an asset;
- An equivalent combination of education and experience may be considered.
Technical Requirements
- Technical security skills (Application and OS hardening, vulnerability assessments, security audits, networking, IDS, firewalls, privileged identity management, etc.);
- Excellent ability to collaborate and manage relationships at all levels with customers, leaders, contractors and team members to effect change;
- Excellent oral and written communication skills, including the ability to write reports and document procedures;
- Excellent organizational skills;
- Deep understanding of information security risk management, controls and compliance;
- Experience with security tools, such as SIEM, file integrity monitoring and database monitoring;
- Strong analytical and problem-solving skills;
- General business acumen;
- Ability to deal with sensitive matters with a high degree of tact and diplomacy;
Job Type: Full-time
Salary: $75,000.00-$90,000.00 per year
Benefits:
- Dental care
- Extended health care
- Paid time off
- Vision care
Flexible Language Requirement:
- English not required
- French not required
Schedule:
Education:
- Bachelor's Degree (preferred)
Experience:
- Information security: 3 years (required)
Licence/Certification:
- CISSP (preferred)
- CISM (preferred)