Background and Job Summary
Codan (Canada) Inc. (CCI) is the Toronto office of Conyers (conyers.com), a leading international law firm advising on the laws of Bermuda, the British Virgin Islands and the Cayman Islands. Conyers has over 140 lawyers in six offices worldwide and is affiliated with the Conyers Client Services group of companies, which provide corporate administration, secretarial, trust and management services.
CCI is devoted to providing superior technology, marketing, innovation and project management support to the Conyers user community. We are a young, dynamic company where talented, creative, results-oriented technology professionals can thrive.
Join our team in downtown Toronto where you will safeguard and protect our information assets and critical data from current and emerging cyber threats and support risk mitigation efforts.
Roles and Responsibilities
Work in our Security Operations team and report to the Network and Security Architect located in our Toronto office. The Security Analyst – Tier 1 role works closely with our Service Desk Level 1 and Level 2 teams to handle security tickets. The ideal candidate has a passion for computing and keen interest in cybersecurity. The ideal candidate must also be personable and able to effectively communicate with our user base and with their peers.
What Will You Do
· Handle and process incoming phishing tickets and bypass requests
· Work collaboratively with various levels of technical resources to address security concerns.
· Answer security-related queries from Service Desk, Level 2 support and staff members
· Work closely with Security Analysts, the Network and Security Architect and the Enterprise Architect to respond to security-related issues, including reporting, investigating and resolving security breaches and implementing safeguards, countermeasures
· Create, maintain and pull useful reports from our various security toolsets and SIEM platform
· Attend weekly security advisory meetings and one-off touchpoints
· Keep up-to-date on all security trends, threats, exploits
· Monitor the Vulnerability Management platform
· Monitor the Data Loss Prevention and Endpoint Detection and Response platforms
· Monitor the Secure Internet Gateway platform
· Monitor the Vendor Access Management platform
· Ensure compliance with IT and Security policies and timely remediation of audit items
· Maintenance of published documentation for standard processes related to security
· Work with vendors on external penetration testing and vulnerability assessments
· Continually analyse current infrastructure and identify security implications or shortcomings, advise on improvements. Infrastructure includes Windows desktops with MS Office, VMware, MS Servers, Linux, Citrix remote access and Cisco routers and switches.
· Monitor security systems such as logging and alerting, honeypots, intrusion prevention, and application hardening and firewalls.
· Work with colleagues on the Infrastructure Security Management System documentation of tools, logic, policies, and procedures
· Participate in ISMS meetings and be actively involved in ISO 27001 certification obligations
· Participate in security risks evaluation, threats and vulnerabilities assessments.
· Provide support in developing and maintaining security training initiatives and help develop a corporate culture where “security is everyone’s job”.
· Provide security reviews on change control submissions.
What You’ll Need
· Computer Science or other related degree.
· 1-2 years’ experience in a computer related role with security as a focus or an interest
· Some experience with SIEM, EDR and DLP products
· Understanding of phishing tactics and how to identify suspicious emails and hyperlinks
· Solid technology generalist with good experience with Windows administration
· Good understanding of networking concepts, tcp/ip suite, client/server models, DNS and network protocols
· Willing to learn on the job, pick up concepts quickly
· Keen interest in malware and how malware works, methods of infection
· Understanding of the uses of cryptography in technology.
· Ethical hacker certification is an asset.
· Excellent verbal and written communication and presentation skills.
· Able to employ a variety of soft skills and tactics to influence stakeholders, peers and management.
· Ability to prioritize appropriately and adjust to shifting priorities
Note: Some international travel required (<5%); after hours on call responsibilities; flexible work hours.
Codan (Canada) Inc. is an Equal Opportunity Employer. We will provide accommodations to applicants with disabilities throughout the recruitment, selection and/or assessment process. If selected to participate in the recruitment, selection and/or assessment process, please inform us of the nature of any accommodation(s) that you may require.