Information Security Analyst – IT Security

IT / Internet

Job Overview

Job title: Information Security Analyst – IT Security

Company: Randstad

Job description: The Information Security Analyst will implement the information security program initiatives, administer information security systems, and assist with monitoring information security policy compliance. The Analyst along with the Information Security team will be developing the information security maturity of the organization as well as performing operational activities on implemented information security controls to ensure information security policies are being followed. The role will be responsible for various activities to build information security including developing appropriate documentation, building awareness, implementing technologies, and identifying information security weaknesses with the objective of protection of information assets.

ADVANTAGES
Aside from joining an industry leader in security; successful candidates will receive great compensation and enjoy working with an amazing team.

RESPONSIBILITIES
-Work with the Information Security team, businesses, vendors, and IT teams to ensure that corporate policies and procedures are being understood and followed
-Write procedures and technical standards to meet corporate policies and industry best practices
-Evolve corporate security policies and procedures to stay aligned with the security industry best practices
-Develop and improve internal processes to manage information security corporate-wide
-Lead initiatives related to the remediation of security weaknesses or information security solution implementation while working with corporate-wide businesses, vendors, and the IT team as needed
-Review technical configurations from various operating systems and security solutions (Windows, Linux, AD, VMware, IDS/IPS, FIM, SIEM, WAF, AV, endpoint encryption, etc.) to determine/enhance the parameters to meet industry-accepted hardening standards such as NIST, CIS, SANS, etc.
-Review security reports from various security technologies (vulnerability assessment reports, cybersecurity reports, audit reports, access privileges, etc.) to identify violations, intrusion attempts, or security weaknesses
-Provide recommendations and guide development and operations team to address security weaknesses and identify potential new security solutions
-Monitor the information security industry and be proactive with implementing appropriate information protection controls to mitigate risks on the latest types of vulnerabilities
-Conduct security product research and assess their appropriateness for the organization
-Produce report and presentation deliverables with attention to content as well as format
-Perform security incident investigations and document findings/root causes
-Perform Identity and Access management tasks
-Respond to alerts and notifications from users/vendors related to information security
-Develop and improve internal team processes to effectively manage information security corporate-wide
-Review potential new service provider or outsourcing relationships for business units and provide advisory services for information security due diligence
-Evolve corporate security policies, procedures, and standards to align with the security industry best practices
-Review new IT implementations and identify security risks in network design and configuration

QUALIFICATIONS
-Post-secondary degree or equivalent education in computer science, computer engineering, or similar studies
-Information security certifications such as CISSP, GIAC, CRISC, etc.
-Previous experience of 4-6 years specifically in the information security industry preferred
-Knowledge of current network and endpoint security technologies important (next-generation tools, APT tools, and tools utilizing heuristics analysis for protection)
-Strong knowledge of technical configurations from various operating systems and security solutions (Windows, Linux, VMware, IDS/IPS, HIPS, FIM, SIEM, WAF, Cyber Security, encryption, etc.)
-Working knowledge of industry security standards such as ISO27001/ISO27002, NIST, etc.
-Demonstrated experience working with security technologies
-Demonstrated experience with implementing internal processes to manage information security initiatives
-Working knowledge of network architecture with multiple layers of defense
-Working knowledge of application security vulnerabilities

MUST HAVE QUALIFICATIONS
Information Security 5-8 years
IDS/IPS, HIPS, FIM, SIEM, WAF, Cyber Security, encryption, etc. 5-8 years
Knowledge of Application Security 3-5 years
Knowledge of Network Security 3-5 years

NICE TO HAVE QUALIFICATIONS
Knowledge of security standards such as ISO27001/ISO27002, NIST, etc. 2-3 years
Information security certifications such as CISSP, GIAC, CRISC, etc. 2-3 years

SUMMARY
For immediate consideration please send your resume to edwin.chang@randstad.ca

Expected salary:

Location: Toronto, ON

Job date: Tue, 02 Mar 2021 23:45:52 GMT

Apply for this job
Share:

Search Job

JobAdvisors.ca provides a centralized location for employers and job seekers. We update industry job trends, prospects and other vital information, from verified sources, for both Jobseekers and Employers and promote the content in multiple social media channels.

Follow us on:

    

T&C

Terms & Conditions