Security Analyst

About The Position

Requirements

• 1-3 Years of exposure and understanding of SOC2, PCI DSS, NIST, ISO 27K, CIS security frameworks
• 1-3 Years of prior experience in some form of GRC or Operational capacity would be preferred
• 1-3 Years of working technical knowledge of Framework controls and testing
• 1-3 Years of experience with common IP, TCP/IP, and other network administration protocols.
• 1-3 Years of experience with syslog monitoring, and windows server, Linux.
• 1-3 Years of experience with common IDS/IPS platforms (Snort, Cisco, Fortigate, PaloAlto)
• 1-3 Years of exposure and understanding of Incident handling/response experience
• College diploma or university degree in the field of computer science and/or 1-2 years equivalent work experience in SOC would be preferred.
• CompTIA Security+
• CGRC (ISC)2 , CRISC or equivalent
• GIAC Information Security Fundamentals
• Microsoft Certified Systems Administrator: Security
• Associate of (ISC)2

Responsibilities

• Maintain accuracy of security documents related to Governance Risk and Compliance (GRC)
• Maintain up-to-date knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.
• Investigate and perform in-depth analysis of exploits and recommend remediation.
• Provide network expertise to support timely and effective decision making of when to declare an incident
• Review security events that are populated in a Security Information and Event Management (SIEM) system and remediate accordingly.
• Analyze a variety of network and host-based security appliance logs (Firewalls, NIDS, HIDS, Sys Logs, etc.) to determine the correct remediation actions and escalation paths for each incident
• Independently follow procedures to contain analyze and eradicate malicious activity
• Document all activities during an incident and provide leadership with status updates during the life cycle of the incident
• Provide information regarding intrusion events, security incidents, and other threat indications and warning information to the client
• Assist with the development of processes and procedures to improve incident response times, analysis of incident, and overall SOC functions
• Daily shift change reports, security status reports and incident reports
• Perform Infrastructure vulnerability management program from configuration to reporting
• Perform WebApp vulnerability management program from configuration to reporting
• Perform Security Awareness Training program from configuration to reporting
• Working with Ticketing system to track events and incidents

Benefits

• Comprehensive Health & Wellness: Extended health and dental coverage, plus a flexible health spending account (HSA), help you take care of yourself on your terms.
• Financial Wellbeing: Plan for your future with our group RRSP matching program.
• Learning & Growth: Access continuing education opportunities, professional development programs, and tuition support to grow your skills and advance your career.
• Work-from-home options: Flexibility of being able to work from home, especially during times when commuting or in-person interactions may not be ideal.
• Recognition & Rewards: Our gamified, people driven program lets employees and leaders give kudos, earn recognition, and be rewarded for collaboration and impact.
• Collaborative Culture: Join a supportive, inclusive team where ideas flow freely, feedback is welcomed, and teamwork drives success.
• Challenging & Innovative Projects: Work on high-impact projects that inspire creativity, experimentation, and forward-thinking solutions.
• Convenience & Comfort: On-site parking, casual dress code, free snacks & drinks, and company lunches twice a month to keep your day smooth.
• Team Connection: Participate in company events, outings, and team-building activities that celebrate successes and build lasting connections.