Information Security Specialist (Remote)

About The Position

Requirements

• Minimum of 5 years experience as a Security Analyst with experience leading security projects.
• Minimum of 5-7 years experience as a System Administrator (Unix/Windows) or Network Administrator
• Minimum of 3 years experience in a security operations center and/or system administration role
• Minimum of 3 years experience in cloud services security.
• Presenting security concepts at an executive level.
• Experience leading Incident response and remediation of security incidents.
• Strong networking background.
• Experience in access control and identity management for on premise and cloud environments.
• Strong understanding of Security Architecture.
• Hands on experience managing various security tools (e.g. Web Content Filtering, Anti-Malware, Firewalls, Intrusion Protection, etc.)
• Ability to write security requirements and design documents
• Ability to analyze system data, including, but not limited to, security and network event logs, web, anti-virus, DLP, syslogs, IPS and firewall logs
• Knowledgeable about security controls and processes, vulnerabilities, regulatory and legal changes, and security standards that may impact information security
• Bachelor’s degree in Computer Science, Information Systems, Network Security Engineering or related major or equivalent work experience.

Nice To Haves

• CISSP, OSCP, GCIH, CCNA, MCSE certifications would be considered an asset

Responsibilities

• Responsible for cloud security controls, processes and architecture consultation, design and monitoring.
• Responsible for overall access control management including but not limited to auditing current access controls to identify potential risks, making recommendations for improvement in security and tracking remediation.
• Responsible for conducting risk assessments against various regulatory compliance such as HIPAA, PCI, etc.
• Responsible for the installation, maintenance and monitoring of security tools to protect systems and data.
• Performs vulnerability scanning for network devices, applications and databases to identify vulnerabilities.
• Analyzes and assesses security incidents and escalates incidents by following incident plan.
• Develops and maintains standard practices and procedures for appropriate response to identified threats.
• Manage and analyze security information and event management (SIEM) tools and services to identify and respond to events as appropriate.
• Assesses potential risks and vulnerabilities to develop baselines and assist with response to deviations.
• Performs risk and security assessments of applications, databases, and servers and supporting network technologies, such as routers, switches, access points.
• Works with IT teams to solve information security system problems and issues in a timely and accurate manner.
• Monitors activities and events to detect, classify and act upon anomalous behavior appropriately in a timely manner.
• Develops and executes corrective action and remediation plans for identified issues, risks or vulnerabilities.
• Assess emerging technologies against security architecture to determine where they fill gaps, overlap with existing solutions or extend capabilities.
• Participate in annual security audits, incident response exercises, security reporting, audit and compliance support.
• Work with Information Security Officer to provide security incident escalation support and remediate security issues.
• Performs reviews and assessments of security controls before hardware/software is migrated to production.

Benefits

• A competitive compensation package
• A casual work environment
• Full range of employee benefits
• 401(k), Health Insurance (medical, dental, vision, life, short and long-term disability, AD&D)
• Paid Vacation
• We offer a competitive Total Rewards program including health benefits, RRSP matching, stock option, and career development opportunities.