Senior Analyst, IT Security

About The Position

Requirements

• University degree in Computer Science, Management Information Systems (MIS) or related field or an equivalent combination of education and experience.
• Minimum 5 years of experience in a complex and diverse IT environment demonstrating experience in IT security.
• Experience in application security, PeopleSoft security, Web Application Firewall technologies, security applications, and DevSecOps practices.
• Knowledge of secure coding, vulnerability management, OWASP Top 10, and secure software development lifecycle principles.
• Ability to collaborate with developers, technical teams, and business stakeholders to identify application security risks and support remediation activities.
• Experience implementing and supporting large-scale, end-to-end information security systems in a multi-platform environment.
• Experience with security technologies such as various monitoring and log aggregation platforms (Splunk is an asset), penetration testing frameworks, operating systems, vulnerability scanners, and endpoint security solutions.
• Knowledge of various programming languages and scripting languages and of computing hardware, software and software development methodologies.
• Experience with writing queries, parsing and correlating data, and various query languages (e.g. SQL).
• In-depth analytical skills for complex problem solving – identification, diagnosis, resolution.
• Knowledge of Incident Handling phases.
• Excellent verbal and written communication skills.
• Ability to work a flexible schedule including occasional weekends and evenings.
• Bilingual: French and English, spoken and written.

Nice To Haves

• Knowledge of the University’s information technology and security policies, procedures and standards would be considered an asset.
• Information security certifications would be an asset (e.g.: SANS, EC-Council, ISC2).

Responsibilities

• Implement, operationalize, customize, configure, program, test, and maintain complex security systems, platforms, and solutions using multiple technologies.
• Provide technical recommendations for improving IT security infrastructure and assists in the coordination of audit and compliance requirements.
• Monitor a wide variety of IT assets, network, and data to ensure the prevention of events that negatively impact confidentiality, availability, and integrity.
• Build/manage reports and analyze logs and messages to identify and report possible security violations.
• Collect and analyse performance reports for various systems, and report trends in hardware and application performance to assist senior technical personnel to predict future issues or outages.
• Develop program code/scripts according to technical standards and security policies.
• Build/develop use cases for Security and/or Network Operations Centre.
• Perform ongoing vulnerability assessments and penetration testing of systems and networks to ensure compliance with security policies, standards, and procedures.
• Interface with IT teams on implementing controls.

Benefits

• competitive salary
• defined benefit pension plan
• group insurance coverage
• employee and family assistance program