Scheduled Maintenance: sisystems.com will be Unavailable from Friday, Dec 9th @ 8:00 PM MST - Saturday, Dec 10th @ 8:30 AM MST for regularly scheduled maintenance.
Login | Register

Senior IT Security Analyst to design and participate in the implementation of NIST Framework and oversee SOC2, Pen Testing, SIEM, etc.

Job Type: Permanent
Positions to fill: 1
Start Date: Dec 12, 2022
Job End Date: Dec 12, 2022
Pay Rate: Salary: Negotiable
Job ID: 125450
Location: Toronto
Apply
Senior IT Security Analyst to design and participate in the implementation of NIST Framework and oversee SOC2, Pen Testing, SIEM, etc.

Location: Greater Toronto Area
Type: Fulltime 
Environment: Remote 

This is an opportunity to put your stamp on the implementation of a framework from end-to-end. Growth opportunity role for someone looking to become an Architect (is an architect) or Security Manager in the future.

Responsibilities:
  • Participate in the design and implementation of Security Framework(NIST) including identifying risks, policy development, training (online training modules, lunch and learns, etc.), and enforcement
  • Delivering security awareness training (online training modules, lunch and learns, periodic security communication, and simulated phishing campaigns)
  • Performing vulnerability scans and penetration testing(with help where needed), penetration tests and other security reviews of tools and projects
  • Monitor security controls to core IT infrastructure and cloud resources
  • Monitor and ensure SOC2 compliance
  • Keep up to date on emerging threats and techniques
Qualifications:
  • 5+ years of work experience in the field of information security
  • Strong knowledge and experience with Security Frameworks such as NIST CSF, COBIT, ISO 27001 and CIS Controls
  • Experience with SOC2 Compliance requirements - i.e. monitoring, preparation, or audit
  • Experience in participating in planning and designing enterprise security architecture/framework and creating enterprise security documents (policies, standards, baselines, guidelines, and procedures)
  • Experienced Security Analyst with knowledge and hands experience(preferred) or overseeing incident response, network security, vulnerability management, intrusion detection, secure SDLC penetration testing (nice to have), penetration testing, web and network protocols, firewalls and encryption technologies, Security Information and Event Management (SIEM) tools, server hardening, etc. 
  • University degree in the field of Computer Science, Cyber Security, or Information Security-related discipline
  • CISSP, SSCP, CompTIA Security+, SANS GIAC, CCSP or other industry certifications preferred
Must Haves:
- Strong security analysis experience including design experience
- Experience with writing security documentation, awareness training and enforcement
- SOC 2 experience