Information Security Analyst

About The Position

Requirements

• 1+ year experience in Information Security or related IT Information Security role
• Obtained or working towards a bachelor’s degree in information security or equivalent experience
• Obtained or working towards Information Security certifications such as from ISACA, SANS/GIAC, CompTIA, ISC2
• Ability to learn and adapt in a fast-paced, collaborative team environment where knowledge, skills and ideas are openly shared with other IT professionals and departments
• High degree of initiative, dependability and ability to work with little supervision
• Excellent English written and verbal communication skills
• Strong interpersonal and collaborative skills with peers
• High level of personal integrity, with the ability to handle confidential and otherwise sensitive matters professionally and with the appropriate level of judgement and maturity
• Excellent diagnostic and problem-solving skills
• Working knowledge of log management platforms such as a SIEM
• Strong understanding of networking technologies such as TCP/IP, DNS, DHCP, switches, NGFW
• Good working knowledge of security principles and trends in the security industry
• Good working knowledge of Windows, Windows Server, Mac and Linux Operating Systems
• Good working knowledge of Cloud environments such as Azure, AWS and GCP
• Understanding of Security Frameworks such as CIS, ISO 27001, SOC 2
• Working knowledge of scripting languages (PowerShell, Python, Shell)

Responsibilities

• Monitor, identify and validate security events generated from Information Security systems and tools, such as SIEM, Anti-virus, XDR or events identified by organization staff
• Contribute to the development, implementation and tuning of SIEM use-cases/detection rules and other security control configurations to enhance threat detection and defense capabilities
• Perform analysis of security event data to identify suspicious behaviour and potential threats
• Respond to critical business impacting situations and coordinate efforts required to engage the necessary resources to remediate the issue
• Escalation of security alerts to events and notifying the Information Security Team Lead
• Responsible for creating, managing and distributing Information Security Awareness training to the organization
• Responsible for responding to Information Security alerts occurring after-hours with a rotating after-hours on-call coverage
• Support MEC’s annual PCI Compliance requirements
• Provide guidance to staff members across the organization on how to identify Information Security events and incidents and usage of Information Security tools
• Responsible for managing and maintaining security tools such as vulnerability management, anti-virus, XDR, password manager, etc.
• Perform Third-Party Risk assessments of vendors, tools and services
• Work with various department projects to provide Information Security guidance and include controls in the development process
• Participate in Information Security huddles, reporting on work done, current security event trends
• Responsible for working on additional tasks as assigned by the Information Security Team Lead or Director of Infrastructure and Information Security

Benefits

• Work-life flexibility
• Hybrid work environment
• Variable annual incentive plan
• Generous annual vacation allotment
• Paid Care time (Wellness/sick)
• Maternity and Parental leave top-up
• Staff Discount and amazing deals straight from vendors
• Top-notch benefit plan
• Retirement Plan, with matched contributions
• Paid days to pursue outdoor activities and/or volunteer in your community
• Access to a learning platform and educational assistance support
• Career development opportunities