Our market leading energy client has an immediate need for a Cyber Security Analyst. This is an 8-month contract position located out of their Calgary head office.
Job Duties & Responsibilities
The Cyber Security Analyst will provide expertise predominantly in two areas, program management and operations.
- Supporting the implementation of the client’s Cyber Security Program activities and related projects and initiatives.
- Performing and/or participating in the maintenance and enhancements of vulnerability management systems, initiatives, and integration.
- Producing and analyzing scan reports (vulnerabilities, risk scores, dashboards, KPIs, exception, compliance, etc.) and driving the improvement of the Vulnerability Management processes and reporting.
- Assisting in the coordination of efforts or initiatives for penetration testing, system and application vulnerability management and overall technical risk assessments.
- Participating in the Change Management Process.
Skills & Qualifications
- Familiarity with vulnerability assessment and penetration testing principles, tools, and techniques, including Nexpose, Appspider, Insight VM, Burp, Metasploit, Nessus, and Scripting languages.
- Ability to collaborate and communicate effectively and tactfully with both business-oriented executives and technology-oriented personnel.
- Experience with automating complex security activities.
- Experience with IBM QRadar, McAfee ENS and CheckPoint Firewall & Cloud technologies.
- Knowledge of prevalent operational security tactics and techniques (vulnerability exploits and countermeasures, remote access trojans and related persistence techniques, social engineering, etc.).
- Interaction with multiple teams (IT architecture, Operations, application development, etc).
- Ability to identify systemic security issues based on the analysis of vulnerability and configuration data.
- Excellent communication skills including oral, technical and business writing, documentation and presentation skills.
- Post-secondary education in information technology or related discipline or a combination of training and working experience.
Nice to Haves
- Knowledge of Formal Threat Risk Assessment (TRA) approaches such as Harmonized Threat and Risk Assessment (HTRA) methodology, ITSG-33, NIST SP 800-30, ISO 27005, OCTAVE, and FAIR.
- Knowledge of vulnerability assessment & penetration testing principles, tools, and techniques.
- Familiarity with common best practice security assessment & testing methodologies.
- Ability to share meaningful insights about the context of an organization’s threat environment that improve its risk management posture.
- Excellent time management, organizational and prioritization skills.
- Ability to work independently and as part of a collaborative team.
- Excellent interpersonal skills.
- Project Management.
- Participating in sprint review or retrospective meetings.
- CISSP, CISM, CISA, CRISC, GPEN and/or OSCP designations will be an asset.
If you're a technical professional, you know that it can be difficult to find fulfilling work that advances your career. At the Ian Martin Group, we exist to connect professionals like you with meaningful work at industry-leading companies in your field. And we walk the walk, too: as a Certified B Corporation, we believe in using business as a force for good for people, our communities, and the environment.
We value diversity and inclusion and encourage all qualified people to apply. If we can make this easier through accommodation in the recruitment process, please contact us at firstname.lastname@example.org
We encourage all qualified candidates to apply; however, only those selected for an interview will be contacted.