Information Security Operations Analyst

Our client who is based in Downtown Toronto is looking for an Information Security Operations Analyst to join their small, but dynamic team, and play a critical role in the analysis and maintenance of the security and integrity of their data network.

This position requires an understanding of Information Systems as they relate to the security and the protection of sensitive data and you would have acquired this experience over the past 3-5 years of your career.

The position offers an excellent base salary, 100% medical and dental benefits that will start from Day One and an annual bonus scheme. If this sounds interesting then please review the requirements of the role and the experience you would need to bring to the position to be successful.

 

Required technical skills and Duties

• Ability to analyze and identify security solutions based on the latest industry best practices

• Familiar with various malware categories, their characteristics, and network-based indicators of compromise

• Experience with networking vulnerabilities and exploit methods such as DDoS, XSS attacks, SQL injection and how to recognize attacks in-progress

• Experience with dynamic and static web application assessments

• Solid understanding of the OWASP Top 10

• Experience performing incident triage, analysis, response, and remediation for computer network intrusions, web application and server attacks, insider threats, and malware infections

• Progressive knowledge of Next Gen Firewalls such as Palo Alto Networks, FortiNet, or Forcepoint. Hands on experience with one in this list is strongly preferred.

• Hands on experience with logging, monitoring, and alarming technologies such as Wireshark, Splunk, Tenable Nessus, or SolarWinds.

• Hands on experience using and reviewing the results from compliance scanning tools such as Nessus.

• Experience designing and implementing DLP and Endpoint Protection solutions

• Strong understanding of enterprise-level networks, networking protocols, devices, and architecture

• Hands-on experience with technologies including but not limited to; VMWare, Networking, Linux administration and Windows Administration

• Experience with mock or real security breach discovery and management

 

Key Competencies:

• Demonstrated leadership abilities; i.e. experience taking ownership of problems and working on projects involving multiple resources.

• An understanding of the importance of securing sensitive information as well as ensuring the integrity of the systems being administered;

• Strong verbal and written communication skills, including the ability to communicate and interact effectively with technical professionals as well as users and others who are non-technical experts;

• Strong customer service orientation, with a demonstrated ability to listen and understand, and to establish and maintain effective relationships with users;

• High level of analytical and problem-solving skills, including the ability to follow problems through to resolution;

• Initiative and creativity to develop new approaches or solutions;

• Ability to work independently and take accountability for the quality of work;

• Equally able to work effectively and collaboratively as a team member, sharing information and ideas in a timely manner;

• Ability to plan and manage time effectively, multi-task, prioritize and meet deadlines in a fast-paced, time-sensitive environment;

• Ability and commitment to acquire new skills and improve knowledge and competencies

• Availability outside of business hours to help troubleshoot critical production issues.

While a College-level Diploma or University Degree in a related field would be preferred our client is more interested in your hands on work experience within Information Security and your ability to work within a small team, not be afraid to take on different challenges and help them maintain the integrity of their systems

 

Looking for Meaningful Work? We can help!

If you're a technical professional, you know that it can be difficult to find fulfilling work that advances your career. At the Ian Martin Group, we exist to connect professionals like you with meaningful work at industry-leading companies in your field. And we walk the walk, too: as a Certified B Corporation, we believe in using business as a force for good for people, our communities, and the environment.

We value diversity and inclusion and encourage all qualified people to apply.

We encourage all qualified candidates to apply; however, only those selected for an interview will be contacted.

Information Security Compliance Analyst

Are you an Information Security Compliance Analyst who has between 3 to 5 years of experience in this field and is now looking to move to a new company where you will have total responsibility for all their security compliance requirements, ensuring new systems implemented are properly secured and any potential risks are raised to management in a timely manner? If yes then please read on…..

 

Our client is looking for someone to join them to ensure that not only are the systems all compliant from a security perspective but you will also be developing ongoing security awareness training for all areas of the organisation and ensure this training is conducted on a frequent basis.

 Expected duties and experience:  

• Participate in planning, scheduling and preliminary analysis for all internal and external audit projects

• Coordinate internal and external audit activities including notification and scheduling for all affected parties of audit timing, scope, objectives, approach and deliverables

• Keep existing policies and procedures aligned with audit and security requirements

• Develop value added recommendations to deal with issues identified during assigned audits and draft audit reports to formally communicate the results of the audit and related recommendations

• Monitor implementation of outstanding audit recommendations and validate their implementation

• Good understanding of audit process/methodology, and risk management/advisory ability

• Experience in using a risk-based audit approach in evaluations of and recommendations for management processes

• Review daily threat matrix and provide appropriate reporting and escalations

• Request and review vendors auditing documentation to ensure alignment with Canada Guaranty internal controls and provide assessments and recommendations

• Design, deliver and manage an Information Security Awareness Training program

• Work with business leader to design and manage the data classification process

• Understanding of DLP, User Behavior and Endpoint Protection technologies

• Experience with mock or real security breach discovery and management.

 

• A strong understanding and experience with at least one of the following security compliance frameworks: CSAE 3416, SOC1, ISO 27000:2013 would be a definite asset though not mandatory

 

Key Competencies:

• Demonstrated leadership abilities; i.e. experience taking ownership of problems and working on projects involving multiple resources.

• An understanding of the importance of securing sensitive information as well as ensuring the integrity of the systems being administered;

• Strong verbal and written communication skills, including the ability to communicate and interact effectively with technical professionals as well as users and others who are non-technical experts;

• Strong customer service orientation, with a demonstrated ability to listen and understand, and to establish and maintain effective relationships with users;

• High level of analytical and problem-solving skills, including the ability to follow problems through to resolution;

• Initiative and creativity to develop new approaches or solutions;

• Ability to work independently and take accountability for the quality of work;

•Equally able to work effectively and collaboratively as a team member, sharing information and ideas in a timely manner;

• Ability to plan and manage time effectively, multi-task, prioritize and meet deadlines in a fast-paced, time-sensitive environment

• Ability and commitment to acquire new skills and improve knowledge and competencies

 

Education/Qualifications: while a College-level Diploma or University Degree in a related field would be desirable though not mandatory- experience and attitude is more important to this client

 

Looking for Meaningful Work? We can help

If you're a technical professional, you know that it can be difficult to find fulfilling work that advances your career. At the Ian Martin Group, we exist to connect professionals like you with meaningful work at industry-leading companies in your field. And we walk the walk, too: as a Certified B Corporation, we believe in using business as a force for good for people, our communities, and the environment.

We value diversity and inclusion and encourage all qualified people to apply.

We encourage all qualified candidates to apply; however, only those selected for an interview will be contacted.