Intermediate Security Analyst to support day-to-day security operations and the implementation/enhancement of new security solutions for a solutions integrator client
Our valued solution integrator client is seeking a Intermediate Security Analyst to support day-to-day security operations and the implementation/enhancement of new security solutions!
Initial 3-month contract in Toronto, ON with strong possibility of extension. 7.5 hours/day, Monday to Friday (37.5 hours/week) with additional 24/7 on-call support required. Hybrid - 2 days/week in Toronto, ON.
As the successful candidate, you will be responsible for the identification, investigation, and resolution of security breaches detected by in-place security solutions. You will also work on the implementation of new security solutions, policies, standards, guidelines, and procedures, as well as vulnerability audits & assessments.
Responsibilities:
- Monitor all in-place security solutions for efficient and appropriate operations.
- Maintain operational configurations of all in-place security solutions as per the established baselines.
- Provide on-call support 7x24 for all end users, supplier/vendors and 3rd party SOC incidents to cybersecurity threats and intrusion
- Recommend additional security solutions or enhancements to existing security solutions to improve overall enterprise security.
- Participate in the planning and design of enterprise security architecture, under the direction of the IT Security Manager
- Participate in the creation of enterprise security documents (policies, standards, baselines, guidelines, and procedures)
- Participate in the design and execution of vulnerability assessments, penetration tests, and security audits and proactively conducts IT security risk and vulnerability assessments for new and existing IT infrastructure elements (network/systems/applications/services)
- Provide security assessments on in-house developed products as well as procured products
Must-Have Skills:
- 5+ years of experience as a security analyst supporting security program development, security risk, vulnerability analyses, system design, and security architecture.
- Demonstrated experience with incident response and management and 7x24 on-call support
- Demonstrable experience with conducting security reviews, implementing information security recommendations, analyzing technical controls and applying security control standards required
- Relevant security certifications such as CEH, ECSA, GSEC / GCIH / GCIA: GIAC Security Certifications, CompTIA CSA+, CCSP, CCSK
Nice-to-have Skills:
- Demonstrated understanding of Network Security, IAM, BCP, DRP, Audit/Compliance, Supplier and Technology Security Assessment and Cloud Security
- Experience with various security tools such as KnowBe4, Cisco Email Gateway, Zscalar, Avast, Cisco ASA firewalls, Manage Engine, Tenable, Airwatch, CrowdStrike, etc.
- Other industry & product certifications such as MCSE, CCNA, and ITIL