Cybersecurity Analyst

YOUR ROLE

In your job with our client, you will be asked to work on the following:

• To be the point of contact for all cybersecurity matters 
• Identify new and emerging cyber risks and prepare recommendations for appropriate countermeasures including, but not limited to, new technology investments, new standards, changes in policy or reconfiguration of existing systems or business processes 
• Ensure compliance with Company’s technical standards and policies including NIST 800-171, CMMC and CIS 
• Evaluate and coordinate external information security providers and provide recommendations to management on efficiency of external cyber security services 
• Work with Vendor support teams and user groups to ensure strong, relevant and up-to-date product knowledge as well as help transfer this knowledge to IT support teams 
• Manage processes relating to the installation, maintenance and operation of security infrastructure including firewalls, antivirus, IPS and DLP, PAM, NAC, AD, and SIEM 
• Provide security oversight and approval during change processes 
• Conduct forensic investigations as required 
• Lead information security related projects

• Evaluate new security technologies and products and perform engineer-level work and analysis to determine if solutions are acceptable 
• Establish proactive monitoring mechanisms to detect potential cases of improper system access attempts (internal) or cyber-attacks (external) 
• Establish proactive monitoring mechanisms to detect potential issues with our cybersecurity controls (like vulnerabilities, encryption, compliancy, …) 
• Implement relevant KPIs to monitor our cybersecurity controls 
• Provide technical advice and guidance on IT security related initiatives 
• Report suspected cases of improper system access and initiate investigations with appropriate management approval/direction. Revoke access in cases where improper access attempts are discovered 
• Design and documentation of security system configurations and related processes and procedures 
• Follow security findings through to successful remediation

• Minimum of 2 years of experience working at an intermediate level role, or above in Information Security (Development, Applications, IT System Administration, Infrastructure)
• Completed secondary education or higher
• Strong understanding of IT security concepts and best practices, as used in desktop, server and network technologies (IDS/IPS, firewall, antivirus, mail hygiene, endpoint security, data protection, authentication, network access)
• Good working understanding of operating systems and internetworking (TCP/IP)
• Demonstrated track record in complex troubleshooting and problem-solving scenarios
• Strong communication skills in order to effectively and clearly communicate potential threats to the company’s senior management, outside vendors and other stakeholders

• Strong track record working effectively in collaborative environments where rapid response to threats is required
• Strong documentation and writing skills
• Strong ability to keep current with emerging technology trends in the field of information security, through subscription to/participation in relevant industry forums, events or trainings 
• Good knowledge of systems security requirements and implement best practices. 
• Good knowledge of hardened servers and environments
• Fluent in both French and English is required (verbal and written)
• CISSP and/or CIsSM certification an asset