Cyber Security Analyst investigating and responding to security events at A+E Global Media. Collaborating cross - functionally to improve detection and response processes.
About the role
- Analyst assessing customer Risks, Gaps, Vulnerabilities, and Maturity in security systems and recommending actions. Delivering security projects and assessments in a hybrid work environment.
Responsibilities
- Assess customer risks, gaps, vulnerabilities, and security maturity across people, processes, and technology
- Deliver security projects and MSSP engagements with moderate independence, following ISA methodologies, templates, and tooling
- Conduct security assessments including Threat and Risk Assessments (TRA), Privacy Impact Assessments, Gap Assessments, and Maturity Assessments
- Analyze findings to identify weaknesses in client security controls and recommend practical, risk-based improvements
- Contribute to the development and maintenance of security policies, standards, methodologies and governance documentation
- Execute assigned project and MSSP deliverables to meet quality standards, timelines, and client expectations
- Apply governance strategies and service frameworks established by the Vice President, Services to ensure consistent service delivery
- Follow project plans managed by internal project and program managers, escalating risks or scope concerns as required
- Assist with the maintenance and management of any tools and technologies to be used to support the client
- Collaborate with client project managers and technical teams to support successful project outcomes
- Support MSSP operations by assisting the CIOC with engineering tickets and service requests when required
- Deliver knowledge transfer and training to clients and internal team members on tools, methodologies, and security practices
- Create and maintain accurate procedural documentation for security projects and MSSP services in collaboration with Service Leads
Requirements
- Minimum of five years’ experience delivering security assessments, including Threat and Risk Assessments (TRA), Gap Assessments, Maturity Assessments, and Privacy Impact Assessments, as well as related services such as policy and standards development and risk management implementation
- Degree in IT, Computer Science, Cybersecurity, or a related field
- Strong understanding of industry frameworks such as ISO 27001/2, NIST CSF, CIS Top 18, and Privacy by Design
- Thorough knowledge of current security threats, attacker techniques, and threat modeling frameworks such as MITRE ATT&CK
- Solid understanding of modern security principles, techniques, and protocols
- Expert knowledge of TCP/IP, common network protocols, and standards
- Exceptional analytical and problem-solving skills, with the ability to identify strategic issues and make informed decisions
- Ability to manage multiple projects simultaneously, prioritize tasks, and meet deadlines in a high-volume environment
- Strong organizational skills, attention to detail, and the ability to work independently
- Excellent communication and influencing skills, with a proven ability to drive change and collaborate across teams
- Ability to maintain deep knowledge of security and networking infrastructure, including management and reporting requirements
- Hands-on experience with security systems, including firewalls, intrusion detection/prevention systems, antivirus software, authentication systems, and content filtering
- Experience with network security, networking technologies, and monitoring tools for systems, networks, and security
- Vendor certifications in tools such as Metasploit, Tenable, Qualys, or Rapid7
- Desirable professional certifications: Security+ (SEC+), Certified Ethical Hacker (CEH), Certified Information Security Manager (CISM), GIAC Security Essentials (GSEC), Certified Information Systems Security Professional (CISSP)
Benefits
- Flexible sick and personal days for all employees
- Generous health plan with enhanced mental health resources and programs
- Professional development opportunities and education reimbursement up to $2,000 annually for all employees
- Maternity and parental leave top-up
- Employee referral bonus of $2,000
- Competitive salaries complemented with RRSP matching and bonus programs
- Distance remote working policy
- LinkedIn Learning access for all team members
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Information Security Analyst handling security monitoring and incident response tasks for educational technology company. Collaborating with IT teams to enhance security measures and compliance.
Security Specialist providing comprehensive security support to USAFE - AFAFRICA operations. Drafting policies, conducting assessments, and collaborating with military leadership for force protection.
Senior Asset Security Analyst responsible for governance and security of assets at Afya. Ensuring protection of people and information while mitigating risks and complying with regulations.
Security Analyst (IAM) focusing on IAM design and governance for Whirr Crew's infrastructure. Enhancing security protocols and collaborating with various technical teams.
Cyber Security Analyst providing technical information security support at IntelePeer. Focus on Microsoft Defender administration and security compliance operations.
Security Analyst L2 at Var Group managing and analyzing security incidents for digital evolution. Focused on proactive threat hunting and continuous improvement of security processes.
Security Analyst L3 responsible for security event management at Var Group. Analyzing security incidents and collaborating with teams to enhance security measures.
Cyber Security Analyst leading a team in providing security services at Blackwatch. Ensuring quality deliverables and compliance in a dynamic working environment.
Cyber Security Analyst developing and implementing cyber security procedures for federal business objectives in a dynamic environment. Requires substantial expertise in cybersecurity and vulnerability management.