IT Security Analyst

About The Position

Requirements

• Basic understanding of computer security concepts including Identity & Access Management, Network Security, Application Security, and Incident Management.
• Solid understanding of networking concepts and protocols (such as DNS, SMTP, FTP, SSL, etc.).
• Demonstrated knowledge of information technology industry trends and emerging technologies.
• Strong written and verbal communication skills with a customer-oriented approach.
• Basic knowledge of tools and products used in IT security (e.g., Azure Sentinel, Falcon CrowdStrike, etc.).
• Familiarity with IT Security frameworks and relevant regulatory obligations (GDPR, SOX, NIST, ISO, HIPAA) is preferred.
• Self-starter with initiative and solutions-focused mindset.
• Awareness of challenges in working with geographically dispersed teams and willingness to cooperate with others.
• Diligence in documenting activities and actions taken during incidents.
• Promote innovation and continual process improvement.
• Demonstrated knowledge and skill in a technical area with logical problem-solving abilities.
• Prefer certification related to Information Security.

Nice To Haves

• Familiarity with IT Security frameworks and relevant regulatory obligations (GDPR, SOX, NIST, ISO, HIPAA).
• Certification related to Information Security.

Responsibilities

• Perform operational reviews of IT security systems and monitor key consoles for alerts.
• Initiate and participate in the investigation of alleged security breaches, determining root cause and impact.
• Respond to questions and suspected incidents through Stantec's IT ticketing systems.
• Review current IT security trends to make recommendations for Stantec's IT security strategy.
• Monitor public and private channels for adversary trends or vulnerabilities and adjust IT security systems accordingly.
• Assist IT Security administrators in managing and configuring IT Security systems and controls.
• Ensure all security incidents and near misses are reported per Stantec's Security Incident Response Plan.
• Act as advocates in support of Security Awareness and promote good security practices among end-users.

Benefits

• Medical, dental, and vision plans
• Wellness program
• Health saving accounts
• Flexible spending accounts
• 401(k) plan
• Employee stock purchase program
• Life and accidental death & dismemberment (AD&D) insurance
• Short-term/long-term disability plans
• Emergency travel benefits
• Tuition reimbursement
• Professional membership fee coverage
• Paid family leave
• Ten paid holidays per year
• Accrual of vacation between 10 and 20 days per year
• Paid sick leave in accordance with state and local law.