Do you value integrity and innovation? How about passion and caring? Great! Us too, and that's why you'll fit right in. Our intentional culture promotes trust and participation, encouraging you to bring your heart and mind to work every day.
In-scope
Work Location: This role is eligible for hybrid work at the manager’s discretion. This means you’ll have the flexibility of working from home and in the office (any one of the Saskatchewan Branches) on a scheduled rotation.
GENERAL ACCOUNTABILITY
The Cyber Security Analyst monitors, detects, and responds to cyber threats to SGI and its systems, and identifies any potential violations to SGI’s security policies and standards. They execute processes to monitor, tune, and harden systems and services related to the security of networks, applications, and infrastructure. They also develop awareness materials and assist in educating SGI users on risk-based security practices, which involves researching the latest information on security trends and software to help secure SGI’s data. The role executes information/cyber security-related investigations, analysis, and evidence gathering activities. Participates in a standby rotation and/or callback incidents as assigned.
Key Accountabilities
Note: This section is not intended to be an exhaustive list of duties and responsibilities – other duties and responsibilities may be assigned.
- Provides input for information security policies, standards, controls, and procedures.
- Provides technical advice, guidance, training, and support to users, partners, and systems personnel relating to cyber security risks, threats, or issues.
- Interacts with other IT Staff to enhance the understanding of security issues and implement solutions.
- Assesses and consults on data protection methods (e.g., access controls, encryption, vulnerability management).
- Assists in developing appropriate mitigation strategies for identified threats.
- Investigates cyber security-related alerts, events, and incidents.
- Assists in the response and handling of security breaches, events, escalations, or intrusions that occur within the environment .
- Triages incident tickets that come into the cyber security team and works the tickets to remediation.
- Facilitates the monitoring of server logs, firewall logs, intrusion detection logs, network traffic, and business applications logs for unusual or suspicious activity.
- Trends, manages, and tunes security monitoring and alerting solutions.
- Monitors security tools, vendor alerts, websites, and periodicals for threat alerts; identifies potential impact; escalates as necessary to management; and acts as appropriate.
- Provides alerts trend analysis and metrics recommendations for use in generating “Use Cases” for implementation in SIEM and other security tools.
- Prepares automated and ad hoc reports and/or interprets data from various security data sources (e.g., Security & Information Event Management, Intrusion Protection System, Data Loss Prevention).
- Participates in vulnerability management/penetration testing, including execution, remediation, and documentation.
- Reports results of scanning or testing and provides security recommendations for further system security enhancement directly to area management.
- Creates and maintains IT Operations run books for security-related alerts.
- Drives security operations improvements through automation and system integrations.
- Monitors and ensures established and documented processes for event detection are followed, and provides overall guidance to IT Operations, ensuring all alerts and incidents are addressed in a timely manner and handled thoroughly through to completion.
- Contributes to the development and delivery of cyber security awareness training and promotes security awareness to ensure system security.
- Reviews and maintains standard operating procedures and protocols pertaining to security events .
- Conducts security research to incorporate knowledge of latest security issues and contributes to improving internal processes.
- Assists in developing and executing weekly/monthly/quarterly information metrics and event reports.
High Performance Team & Culture
- Supports a culture of leadership and accountability to effectively meet the key accountabilities within the scope of the role.
- Displays leadership by committing to a culture of continuous learning/development of self and supports others by actively sharing knowledge, providing guidance, mentoring, training, and supporting developmental opportunities.
- Demonstrates that the Health, Safety and Emergency Management Policy is applied in area of responsibility for self and others.
- Actively applies knowledge to support transformation and strategic initiatives of the corporation, while participating and advocating change and applying a growth mindset.
Technical Knowledge & Skills
- Knowledge of information security best practices, principles, and methodologies.
- Knowledge of Cloud, Azure, and associated technologies as they relate to security.
- Knowledge of risk management practices and security program development.
- Knowledge of end user security awareness programs.
- Skill in analyzing and correlating data to identify potential attacks, patterns of attacks, security violations, incidents, and malicious activity.
- Skill in evaluating security trends, evolving threats, risks, and vulnerabilities.
- Skill in scripting (Python/PowerShell).
- Skill in documenting incident handling processes as run books.
- Knowledge of IT systems development life cycle and implementation.
EDUCATION & CERTIFICATIONS
- Four-year degree from an accredited post-secondary education institution in a relevant field of study, such as Information Technology, Mathematics & Applied Sciences, or defined equivalency.
Experience
- 1 – 2 years’ relevant experience.
BEHAVIOURAL COMPETENCIES
Leader Level 2 – Applies (Self & Others)
- Accountability - Goes Beyond Basic Expectations to Implement Customer/Partner Focused Solutions
- Business Acumen - Applies Business Fundamentals and Thinks in Future-Oriented Terms
- Change Agility - Is Nimble; Shifts Gears Quickly and Comfortably
- Leadership - Leads Self and Other
Pay Range:$65,328.00 - $82,452.00
Posting Close Date:
January 19, 2023
As you prepare to submit your application, and cover letter if applicable, please highlight the achievements that demonstrate why you're a great candidate for this role.