Toronto Hydro

IT Technical Consultant (Network Security)

Toronto Hydro Toronto, Ontario, Canada
No longer accepting applications

Work Illustration

Reporting to the Manager, IT Security Architecture and Operations, the IT Technical Consultant will assist in the design, configuration and maintenance of Network Security Infrastructure. The successful candidate will work closely with IT Security Architecture and Ops teams; as a business enabler and service provider, the IT Technical Consultant will assist in the identification of effective solutions to meet the goals of the department and recommend business and technical process redesigns which maximize efficiencies and align with operational goals for the organization.

The Incumbent is expected to behave ethically and follow the established code of business conduct, policies and internal control procedures, laws and regulations governing Toronto Hydro.

Key Responsibilities

Work Management

  • Assists with management of day-to-day operations associated with Network security technologies such as Email Security, Network Intrusion Detection/Prevention (IDS/IPS), SSL Proxy, DNS Security solutions
  • Assists in developing solution architecture, implementation/configuration of relevant controls associated with the Endpoint security solutions to protect against internal and external threat vectors (Host based firewalls, Anti-malware prevention).
  • Participates in technical discussions with relevant IT and business teams to understand requirements, and has the ability to review and understand current system architecture, and to design and provide recommendations that fulfil business requirements while complying with security requirements
  • Participates in real-time network security event monitoring and response
  • Implements changes on network security devices following established change management process
  • Provides second-level, detailed threat and vulnerability analysis based on data collected from network security devices such as firewalls, IPS/IDS, servers and endpoints
  • Provides support for Incident Response (IR) investigation when analysis confirms an actionable incident
  • Identifies actionable indicators of compromise through analysis of network forensic data
  • Analyzes and responds to previously undisclosed software and hardware vulnerabilities
  • Researches and analyzes events to determine classification, correlation, and root cause of problems
  • Identifies emerging threat tactics, techniques and procedures used by malicious cyber actors and publishes actionable threat intelligence for business and technology management
  • Assists with root cause analyses for events and/or incidents when underlying issues are unknown
  • Applies and ensures compliance with all appropriate security standards and adherence to regulatory access management controls
  • Reviews and assesses operational processes to identify opportunities for improvement related to provisioning / de-provisioning, privileged access management, authentication / authorization, etc.
  • Creates and maintains accurate process documentation
  • Requires hands-on knowledge of network security and enterprise security monitoring tools such as Snort, SolarWinds, Suricata, netsniff-ng, Wireshark, NetworkMiner, Zeek/Bro, packet capture infrastructure, Sysmon, ELK stack, etc.

Asset Management

  • Acts as support for the Network Security platforms, providing advanced assistance to end users (Security Operations and IT Helpdesk) and liaising with application vendor’s support when necessary.
  • Determines solutions to and remediation of issues relating to security technologies, taking ownership of incident and problem tickets and driving to resolution.
  • Manages future Security solutions acquisitions including related equipment, installation, configuration, management and operational support

Service Management

  • Supports and resolves service tickets that relate to network security technologies that are used by IT Security Ops team
  • Follows Toronto Hydro’s ITIL processes (Problem, Request, Incident & Change Management)

Continuous Improvements

  • Identifies areas for continuous improvement, and matures existing security solutions to maximise risk reduction and business alignment.
  • Updates and manages technical documentation as required, including knowledge base articles, departmental processes and standard procedures
  • Any other required activities within the scope of this role

Requirements

  • 6+ years of hands-on experience in designing security solution architecture, implementation and administration of enterprise Network Security solutions such as Intrusion Detection and Prevention Systems (IDS/IPS), Web Application Firewalls (WAF), Email security solutions, DNS security, SSL inspection technologies and Endpoint Security Technologies (EDR). Note: Candidates with experience in managing network security solutions from Fortinet, Cisco, Palo Alto, Trellix (McAfee), Imperva, Citrix, Microsoft are preferred
  • Experience (working knowledge and troubleshooting) with IPAM (DNS, DHCP), Email security technologies (preferably FortiMail), IPS/IDS
  • Threat hunting capabilities, including but not limited to, Network Capture and traffic analysis, IDS/IPS functionality, log review and analysis and correlation of events in SIEM
  • Relevant certifications (CISSP, OCSP, CCNP, CCIE-Security) and vendor security certifications (from Fortinet, Cisco, McAfee, Microsoft) are preferred
  • Post-secondary technical degree (e.g. Computer Engineering or Computer Science) or diploma; a suitable combination of education and experience may be considered
  • Demonstrated experience in management and improvement of IT security technologies and process, security architecture, and cyber incident response
  • Ability to effectively communicate ideas and influence change with people at all levels of the organization
  • Strong stakeholder engagement and project management skills
  • Strong organizational and time management skills, with the ability to multi-task and meet deadlines.
  • Strong strategic business focus and commitment to partnering with business units to enable them to meet their objectives.
  • Experience with NIST Cybersecurity Framework and Ontario Cybersecurity Framework
  • Utility Experience is an asset
  • Knowledge of Information Technology Infrastructure Library (ITIL)

Toronto Hydro has introduced a Hybrid Work Arrangement. This position allows for remote work up to three days per week, based on business needs. Employees will be required to come onsite on those days when they are involved in activities that they or their leader feel are better conducted in person. You are expected to live in Ontario and within reasonable commuting distance of the office.

  • Seniority level: Mid-Senior level
  • Employment type: Full-time
  • Job function: Information Technology
  • Industries: Utilities
