Job Title: Senior IT Security Analyst
Location: Montreal, Quebec City, Ottawa
Salary: up to $125,000 CAD + benefits
Working Structure - Hybrid/Remote
As a senior IT security analyst and play a key role in protecting our clients technical environment against IT security threats. You will report directly to the CIO in your day to day, and you'll lead efforts to remediate and mitigate information security risks within the business and ensure the client is well prepared to respond appropriately to cyber risks. Your IT Security expertise will ensure their technical environments remains secure at all times and make any needed upgrades or improvements where deemed necessary.
You will be focusing on:
- Act as a champion and go to person for information security best practice and policies both internally in the IT department and with our staff across Canada.
- Maintain up-to-date knowledge of IT security best practices.
- Assist the IT department in maintaining a current security posture across all aspects of the IT environment.
- Work with the global IT security team to identify and mitigate risks and vulnerabilities in the Canada region where needed.
- Assist the global IT security team with developing and maintaining the firm-wide security infrastructure configuration, policies and procedures, identifying improvements to procedures, and reporting on incidents wherever applicable.
- Assist product owners in ensuring the confidentiality, integrity and availability of the data in their systems.
- Contribute to investigations into problematic activity and provide on-going communication with senior management;
- Contribute to the design and execution of vulnerability assessments, penetration tests and security audits;
- Perform regular security awareness training for all employees;
- Follow up with users who failed phishing simulations, and users who have not attended cyber training ensuring 100% compliance;
- Encourage cooperative working with all business functions. This includes writing process documents and conducting training;
- Work with IT teams to identify gaps in asset management relating to security applications / controls missing from all endpoints.
- Create and maintain the IT Business Continuity Plan and Disaster Recovery Plan.
- Audit patch deployment processes to resolve root cause of failed installations.
- Contribute to the IT security audits.
- Document all security procedures and guidelines for IT and the user community to ensure adherence to national and global IT standards ;
- Willingness to work after-hours or on-call at times.
What you bring to the role:
- College diploma or university degree in the field of computer science, 10 years' equivalent work experience including, preferably, 6+ years as an IT Security Analyst
- Certifications: One or more of the following certifications: AZ-900 (mandatory), GIAC Security Essentials Certification, GIAC Security Leadership Certification, (ISC)2 SCCP, (ISC)2 CISSP, (ISC)2 ISSAP, AZ-500 (asset), Comptia Security Plus (asset), ITIL ( Achieved or pursuing)
- Multi-Location Experience: Experience with maintaining IT security across a multi-location, multi-DC environment
- Vulnerability Management: Experience with vulnerability management and scanning tools, including Qualys and BitSight, or similar toolsets
- Compliance: Experience implementing strategies and technology to maintain compliance with IT security best practice, including ISO27001 and the ASD Essential Eight
- Key skills : Effective communication with all levels of an organization, facilitation and coordination skills, able to cope with conflicting demands and high-pressure environment
- Language skills : Written and spoken English is required, French is preferred and an asset