Cyber Vulnerability Analyst

About The Position

Requirements

• Completion of a degree in Computer Science, Information Technology (IT), or a related discipline – or a combination of education, training and experience deemed equivalent
• Demonstrated years experience developing and implementing system security controls, remediation of security issues and identifying and managing threats to the achievement of business objectives; project management experience; and broad-based experience in the CISSP security domains.
• Experience with IPS/IDS, SIEMs and other security tools
• Experience performing security/vulnerability reviews
• Experience with cloud security
• Understanding of application, systems, database, operating system, and endpoint device (laptops, desktops) hardening techniques and standards
• Operational experience with vulnerability management, patch management and cybersecurity tools such as Qualys, Tennable, Rapid7
• Strong communication skills, and the ability to understand and translate cyber security threats from a technical perspective to business-line understanding and execution; ability to communicate risks and propose counter measures to senior technology executives.
• Well-developed analytical, qualitative, and quantitative reasoning skills and demonstrated creative problem-solving abilities with complementary skills for log analytics and diagnosis skills, utilizing regular expression and/or scripting.
• Strong research background, utilizing an analytical approach
• Candidate must be able to react quickly, decisively, and deliberately in high stress situations
• As a member of the 24x7 Information Security Response team, position may be required to be available outside of regular office hours to address issues as they arise.

Nice To Haves

• Experience with Operational Technology considered an asset
• Certified Information Systems Security Professional (CISSP), CCSP (Certified Cloud Security Professional), Security+, Cisco Certified Network Associate (CCNA), GIAC or other similar credentials considered an asset

Responsibilities

• Perform cybersecurity vulnerability scanning to discover and analyze vulnerabilities and characterize risk to networks, operating systems, applications, databases, and other Information Technology (IT) and Operational Technology (OT) system components
• Perform vulnerability end-to-end process and procedures, including reporting of vulnerability, escalation of critical vulnerabilities, and tracking patching/remediation efforts
• Perform compliance scanning to analyze configurations and facilitate implementation of configurations and hardening settings according to Metrolinx standards and policies for network devices, operating systems, IT and OT endpoints
• Maintain configuration control of Vulnerability Management (VM) hardware, systems, and application software; coordinate upgrades and other maintenance activities on VM tools.
• Analyze assessment results and threat feeds to properly react to security weaknesses or vulnerabilities.
• Facilitate internal audits, vulnerability testing and 3rd party pen testing activities.
• Work with the IT Security Operations and IT Operations teams in supporting Cybersecurity incident response activities and reporting
• Engage and collaborate with various teams across the organization along with third party vendors to update, develop technical documentation and associated reports as required
• Monitor security alerts and participate in security incident management and response
• Participate in evaluating, recommending, implementing, responding, and troubleshooting security solutions
• Act as a subject matter expert in the support of internal client support, development, and validation teams. Leverage industry standard and recognized provincial security control frameworks to advance minimum privacy and security practices and specifications
• Participating in incident response and technical investigations as needed.
• Researching vulnerabilities/threats and writing technical and non-technical reports for management
• Collaborate with stakeholders to map out the inventory of devices used throughout Metrolinx to identify, remediate, and patch vulnerabilities, or implement compensating controls.
• Proactively identify, highlight and raise emergent and urgent critical vulnerabilities to Cyber Vulnerability Manager and appropriate IT and Cybersecurity teams to mitigate, protect, and prevent threats to Metrolinx systems and services.
• Participates in the 24x7 Information Security Response team; participates in cross-functional team meetings to remediate identified security risks and close out pending action plans