When you’re passionate about what you do and where you work, the rest comes easy. That’s the culture at Central 1 Credit Union, and that’s precisely what we’re looking for from you.
Supporting over 100 member credit unions across British Columbia and Ontario, we’re the backbone of the credit union system in both provinces taking care of everything from online services and product development, to payment processing, trade association services and more.
Our team of over 600 employees represent some of the most innovative, passionate individuals you’ll ever meet; people who honestly care about the organization, its members and each other.
In other words, people who love what they do.
The Information Security Analyst 2 is an experienced Information Security professional that is just as comfortable handling operational incidents as they are designing new security solutions or providing guidance on cyber risks to the wider organization.
The candidate has experienced working within an IT operations role for a number of years prior to specializing in Information Security.
The automation of repeatable tasks and process improvement are second nature to the individual as is the sharing of knowledge and continuous learning.
University degree and 5 years information technology related work experience, ideally with 3 or more years spent working in a security function.
One or more of the following certifications preferred :
ISC)2 - CISSP, CSSLP, CCSP
GIAC - GSEC, GCIH, GCIA, GCFE, GWAPT or GPEN
Knowledge & Experience
Experience with deploying and securing Cloud deployments including PAAS, IAAS and SAAS
Experience with Incident handling
Working understanding of OWASP Top 10 and SANS Top 25.
Working technical knowledge of log management platforms including Syslog and at least one enterprise class SIEM.
Strong understanding of IP, TCP / IP, and other common network protocols.
Familiarity with ITIL, incident management, and ISO 27001.
Experience with two or more of the following scripting languages : Python, Ruby, Go, Perl and PowerShell.
Assist the operations team in defining current baselines for the secure configuration of all devices (eg. Servers, workstations, network devices)
Maintain operational configurations of all security solutions as per the established baselines.
Review logs and reports of all installed devices, whether they be under direct control (i.e., security tools) or not (i.
e., workstations, servers, network devices, etc.). Interpret the implications of that activity and devise plans for appropriate resolution.
Participate with investigations into problematic activity.
Participate in the design and execution of vulnerability assessments, penetration tests and information security audits.
Strategy & Planning
Participate in the planning and design of enterprise security architecture, under the direction of the Corporate Information Security Officer, where appropriate
Participate in the creation of enterprise security documents (policies, standards, baselines, guidelines and procedures) under the direction of the Corporate Information Security Officer, where appropriate.
Provide oversight and contribute to the design and deployment of application solutions within Central 1 to ensure they are carried out following industry standard best practices
Maintain up-to-date detailed knowledge of the information security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.
Recommend additional security solutions or enhancements to existing security solutions to improve overall enterprise security.