Cyber Security Analyst

Utilities Kingston • Full-time • Kingston, ON, CA • C$ 80.78k - C$ 109.23k / year • 5h ago

As Ontario's only multi-utility provider, we offer a comprehensive range of services, including water, wastewater, natural gas, electricity, and telecommunications - all under one roof. This integrated approach empowers us to deliver innovative solutions, exceptional customer service, and operational efficiencies that set us apart in the industry.

With over 150 years of commitment to the Kingston community, we work every day to provide the safe, reliable utility services our customers rely on. Our efforts go beyond keeping the lights on and the water flowing. We’re driving progress through projects that create lasting, positive change. At the heart of everything we do is our vision to advance our unique utility model to benefit our customers and build better communities.

At Utilities Kingston, we believe that strong communities are built by strong teams. By joining us, you'll be part of a collaborative and dynamic environment where your skills and ideas will contribute to enhancing safety, driving reliability, and building a resilient future for our community.

Primary Duties

The Cybersecurity Analyst provides dedicated expertise to protect Utilities Kingston’s systems, data and digital operations. They are responsible for monitoring, detecting, and responding to security threats and vulnerabilities, analyzing security incidents and implementing preventative measures. The incumbent ensures adherence to security policies and supports the organization in reducing cyber risk and maintaining a secure technology environment.

Major Responsibilities

Maintain an up-to-date inventory of endpoints, servers, OT devices, identities, and business applications.
Monitor activity across endpoints, networks, identities and cloud services to identify anomalies such as unauthorized devices, shadow IT and malware.
Analyze and tune detection rules, log sources, and enrichment pipelines to improve fidelity, reduce false positives and strengthen overall threat visibility.
Document investigation findings, hypotheses and outcomes to support knowledge sharing, case management and trend analysis.
Contain and remediate security threats by isolating affected assets, removing root causes such as malware or misconfigurations and coordinating system recovery to restore normal operations.
Document incidents, analyze lessons learned and recommend control improvements to strengthen defenses and prevent recurrence.
Assess infrastructure, applications, cloud services and OT/SCADA systems for vulnerabilities, prioritizing remediation based on exploitability, asset criticality and risk scoring.
Operate and maintain critical security technologies such as firewalls, antivirus/malware tools, multi factor authentication, identity and access management, and related tooling.
Coordinate patching and hardening activities with system owners, track remediation progress, validate fixes through rescans and document closure evidence for audit readiness.
Develop and maintain security standards, procedures and runbooks, conduct control assessments, support internal/external audits, and analyze exceptions to design appropriate risk treatments with business stakeholders.
Monitor adherence to key control requirements, report on control effectiveness and recommend improvements to meet compliance and risk objectives.
Prepare security metrics and dashboards, communicate trends to leadership and evaluate new tools that enhance detection, response and prevention.
Support projects and initiatives by reviewing designs, advising on secure configurations, testing controls and collaborating with IT and application teams to embed security requirements into changes.
Support security and compliance audits, assessments and related work leveraging industry standard frameworks.
Conduct risk assessments for software, systems and 3rd parties.
Support business continuity and disaster recovery planning for the organization from a security perspective.
Create, support and deliver awareness training and educational initiatives.

Education, Certification and Other Qualifications Required

Undergraduate diploma in Information Technology or related field
2 years of experience working in a corporate IT environment with cybersecurity responsibilities
CompTIA Security+, CySA+ an asset
ISC CCET, CCSP or CISSP an asset
GIAC/GICSP an asset
Class G drivers’ licence

Skills, Abilities & Knowledge

Advanced skill in networking, firewalls, and OT/SCADA security
Intermediate communication and collaboration skills
Intermediate Cloud/Microsoft365/Identity skills
Intermediate vulnerability and configuration management skills
Intermediate skill in Data Loss Prevention (DLP)
Intermediate skills in scripting, automation and analytics
Advanced knowledge of security operations & incident response
Intermediate knowledge of GRC frameworks
Intermediate knowledge of data protection principles
Intermediate knowledge of foundational IT concepts and security frameworks
Basic knowledge of Occupational Health and Safety requirements as it relates to individuals, the organization, and operational requirements

Special Working Conditions/Conditions of Employment

These positions are being posted to support the creation of a new roles within the department, ensuring continuity and support for our team and organizational goals.

Your resume and/or cover letter must clearly demonstrate how you meet the requirements of the position.

Appropriate accommodations will be provided as required by the Accessibility for Ontarians with Disabilities Act (AODA) upon request.

Utilities Kingston is committed to employment equity and we encourage applications from all designated group members. Our goal is a diverse, inclusive workforce that reflects the Kingston community.

Utilities Kingston thanks all candidate that apply, however, only those selected for further consideration will be contacted.