Our Client, the national leader in their industry, is seeking a talented Information Security Analyst to join their growing Security Operations Team. This role will be responsible for a variety of information security functions including threat mitigation, endpoint alert investigation, vulnerability assessments and incident response. A successful candidate will display a passion for security and work to understand new technology trends and the latest methods for cyber attacks. This is a full-time permanent opportunity based in the west-end Greater Toronto Area (GTA). We have worked extensively with this Client for 15+ years and have received excellent feedback from those candidates whom we have successfully placed. Please contact us to learn more.
As an Information Security Analyst, you will design and implement IT security systems to protect the organization's computer networks from cyber attacks. You will also help develop organization-wide best practices for IT security. You will monitor computer networks for security issues, install security software and document all security issues or breaches you find.
An ideal candidate will have a bachelor's degree in computer science with a minimum of 3 years of experience in information security, including hands-on experience in cloud security, preferably Azure. You need to be proficient with servers, with experience in installing security software and documenting security issues, and understand patch management, firewalls, NextGen AV and IDS/IPS concepts.
In addition to technical skills, the Security Analyst is process-oriented and results-oriented, and demonstrates effective problem-solving and communication skills. They will often serve as a subject matter expert for colleagues and line-of-business managers, and experience with multiple technologies, compliance requirements and risk analysis methodologies is crucial.
HERE’S HOW YOU’LL CONTRIBUTE:
Responsible for triaging, detecting, investigating and handling potential security threats.
Performs deep analysis, correlates with threat intelligence to identify the threat actor, nature of the attack and systems or data affected. Decides on strategy for containment, remediation and recovery and acts on it.
Monitor and restrict access to sensitive, confidential, or other high-security data.
Vulnerability Management: Daily assessment of vulnerabilities identified. Prioritizing vulnerabilities discovered along with remediation timeline(s). Interaction with multiple teams for notification of vulnerabilities and tracking remediation(s). Provide reporting where required/requested.
Support compliance requirements where required/requested.
Perform administrative and configuration tasks for security tools deployed at the organization.
Collaborate with the support teams/vendors as required.
Maintain an up-to-date library of documented SOPs, policies and procedures.
Support the adoption of new technologies and projects as required by the business.
Mentor and coach other team members, where requested/required.
Performs other related duties as assigned.
HERE’S WHAT YOU’LL BRING:
Bachelor’s degree in Computer Science, Computer Engineering, Information Technology or related field
3+ years as an Information Security Analyst/SOC Analyst.
Deep understanding of logging and monitoring systems for security events, network-based and host-based intrusion detection, firewall, malware and threat intelligence.
Deep understanding of computer-related security systems including endpoint detection and response (EDR)/SIEM tools, vulnerability management, firewalls, IAM and Azure Security Center & Sentinel.
Understanding of frameworks, standards and assessments such as ISO 27001, SOC 1, SOC 2, PCI, NIST.
Demonstrated problem-solving and analytical skills.
Proficient, or able to gain proficiency with, a broad array of security software applications and tools.
Proficient in Microsoft Office Suite or related software.
Excellent verbal and written communication skills.
Collaborative attitude, with willingness to work with team members and the ability to coach, participate in code reviews, and share skills and methods.
Knowledge of application security including dynamic and static scans will be an added asset.