Junior Security Analyst to monitor O365 security and perform security risk assessments to ensure PCI compliance

Job Type: Permanent
Positions to fill: 1
Start Date: May 31, 2023
Job End Date: May 31, 2023
Pay Rate: Salary: Negotiable
Job ID: 129683
Location: Winnipeg
Our retail client is looking for a Junior Security Analyst to monitor O365 security and ensuring PCI compliance

Hybrid within Winnipeg

Must Have
  • 3+ years experience in Cyber Security within a Helpdesk or Security Operations Centre (SOC) environment  
  • Security monitoring experience with one or more SIEM technologies – Q1 Radar, Splunk and intrusion detection technologies
  • Security monitoring experince within Microsoft O365 (primarily Outlook) 
  • Experience assessing, documenting, and ensuring PCI compliance
Nice to Have
  • One or more of the following certifications: CompTIA Security+, GIAC Information Security Fundamentals, Microsoft Certified Systems Administrator: Security,  Associate of (ISC)2, Security related certifications such as CISSP, PCNSE, NSE, CCNP Security or higher
  • Expereince with Microsoft Azure or Active Directory
  • Develop, implement, monitor, and enhance data security policies, procedures, and standards
  • Manages security events (SIEM, IDS, firewall system logs, etc.), analyzes, troubleshoots, and make recommendations for containment and eradication of security threats.
  • Monitor server logs, firewall logs, intrusion detection logs, and network traffic for unusual or suspicious activity. Interpret activity and make recommendations for resolution.
  • Perform ad-hoc threat risk assessment (TRA) on infrastructure and systems as well as cloud-based solutions and facilitate remediation tasks with other operational teams.
  • Designs and works with vulnerability scanning tools (system vulnerability scans, static/dynamic code scans) and remediates findings with appropriate teams
  • Perform security risk assessments. Assist with internal and external audits (ex., HIPAA, PCI)) Recommend, schedule (where appropriate), and apply fixes, security patches, disaster recovery procedures, and any other measures required in the event of a security breach.