Job Description
PURPOSE
Reporting to the Manager, Cybersecurity & Information Governance, Administrator, Information Security will be responsible for a broad range of tasks, including the day-to-day administration of information security tools and devices, as well as first-level and second-level support for cybersecurity incident management.
In this role, you will get an opportunity to monitor threats to Morguard’s valuable information from threat actors, defend our systems against those threats as well as recommend appropriate IT security controls.
Duties And Responsibilities
Security Incident Management
- Respond to and where necessary, resolve or escalate reported security alerts and incidents.
- Monitor system logs, SIEM tools and network traffic for unusual or suspicious activity. Interpret such activity and make recommendations for resolution.
- Investigate and resolve security violations by providing postmortem analysis to illuminate the issues and make recommendations to close the gaps.
- Documents incident details, investigation, prioritization, business impact and root cause analysis.
Threat and Vulnerability Management
- Monitors threats and vulnerabilities and, where appropriate, take action to mitigate threats and remediate vulnerabilities.
- Ensure vulnerability scans of IT Infrastructure is performed on an ongoing basis, review the results of scans, work with Infrastructure teams to ensure vulnerabilities are remediated as per Morguard’s vulnerability management policy.
- Monitor security vulnerability information from vendors and third parties.
Information Security Reports
- Responsible for generating Monthly and Quarterly management reports to evaluate the efficacy of the security policies in place.
- Suggests necessary changes to security policies for a more secure information system.
Vendor Risk Management
- Helps in assessing current and potential vendors, new services and new technologies from a technical security and information risk management perspective.
- Helps to verify the applicable security control practices of third-party vendors by collaborating with Morguard team leads and vendor representatives to meet Morguard’s security policy requirements.
End User security awareness
- Helps to promote awareness of Information Security standards and policies among IT teams and business users of Morguard.
- Helps to create training programs and modules to educate employees and users on proper security protocols.
- Deploy periodic Phishing simulations and complete follow-up activities including reports.
- Participates in Information Security and other IT projects to ensure security best practices are deployed at the initial inception of any IT system.
Any other job-related duties and/or projects that may be assigned.
Education, Skills, Knowledge And Experience
- Bachelor’s degree in computer science or a related field.
- Holds industry recognized information security certification such as CISSP or actively working on achieving such certification.
- Detail oriented, organized and self-motivated. Passionate about Cybersecurity and willing to keep up to date with the latest trends in Cyber Security.
- Working knowledge of security controls, security monitoring technologies, malware detection technologies, network security, operating systems, access and identity management, application security, penetration testing, vulnerability management and security incident response.
- Previous experience using a SIEM such as Microsoft Sentinel, MS Defender, Splunk, Q-Radar etc.
- Very good understanding of Microsoft Active Directory, Entra ID, IIS, SharePoint, Teams, especially as related to role-based access management.
- Understanding of Cloud Computing and its use in relation to enterprise software, Microsoft Azure, AWS, Office 365, Exchange Online, Intune etc.
- Basic knowledge of Common IT and Network security concepts including TCP/IP, routing, switching, firewalls, server management, web proxies, access control and authentication, network protocols, network and systems design.
- 2+ years of experience as a Security Analyst, in the field of Information Security and Information Risk Management in addition to Security Incident Management.
- 2+ years of experience securing on-premises applications as well as applications within cloud platforms.
Core Competencies
- Strong analytic and problem-solving skills. A hands-on and can-do attitude, with strict attention to detail.
- Ability to work independently and collaboratively.
- Ability to prioritize and meet tight deadlines.
- Solid understanding of Microsoft Operating Systems including Servers and End user computing devices, network infrastructure (encryption, security, firewalls, etc.).
- Experience with security tools such as SIEM, Vulnerability Scanners, Microsoft Security and Compliance, Advanced Threat Protection technologies is required.
About The Team
Morguard is a fully integrated real estate company. We own, manage and invest in high-quality, well-located, geographically diversified assets across North America. We have built our business with strong leadership and a proven management platform that have generated substantial, risk-adjusted returns – and significant long-term growth. With more than 40 years of experience and a dynamic team of 1,500 professionals, our commitment is to realize the potential of real estate through value creation and operational excellence.
We are committed to providing accessible employment practices that are in compliance with the Accessibility for Ontarians with Disabilities Act (AODA). If you require accommodation during any stage of the recruitment process, please notify Human Resources at hrassist@morguard.com or 905 281-5967.
