Client ID : 279795Security Analyst - DevOpsOn behalf of our client, Procom is seeking a Security Analyst -DevOps for a Permanent role in Edmonton, Alberta.
Security Analyst - DevOps Job DetailsInformation created, processed and utilized by the client is one of its most valuable assets and the loss, destruction or misuse of these assets could severely impact the client’s reputation and financial performance.
The Security Analyst Dev / Ops is primarily involved in activities and issues relating to secure development and sustainability of information assets, information technology projects, risk management, and assurance and compliance that is conducted through Agile methodology in various streams.
The primary area of accountability for this position will be secure application development and review. This position is required to act with a minimum of supervision while adhering to defined Information Services (IS) policies, procedures, and good practices as well as management’s direction.
At all times this role provides timely responses to assignments / projects, managing requestor expectations, ensuring customer satisfaction and aligning with corporate directions as defined by management.
This position provides a senior role for problem resolution, fosters positive growth, has high standards and values, is a source of leadership and guidance, has strong work ethics, and mentors employees in various teams.
This role is a resource capable of solving the most critical issues and is considered an expert in information security technologies.
Security Analyst - DevOps ResponsibilitiesWork within Dev / Ops value streams to provide guidance and direct support as a value stream's security expert and a team member.
Provide subject matter expertise and a pragmatic approach to the design and implementation of security services including identity and access management, cryptography, communication protocols, and security event prevention and detection.
Maintain current awareness and understanding of the information security environment in terms of good practices, compliance requirements, and emerging threats.
Lead and collaborate with other IS staff in the development, implementation, and sustainment of security controls for the client’s IS environment using existing and new tools.
Identify, assess, prioritize, document and manage risk and their impact.Review and assess vulnerabilities in systems and provide pragmatic solutions.
Engage staff to increase overall Security awareness.CapabilitiesKnowledge and ability to ensure there are adequate technical and organizational safeguards to protect the continuity of information services by implementing security principles, methods, practices, policies and tools.
Knowledge and ability to improve the information security of application software across multiple platforms.Ability and the will to question conventional approaches, explore alternatives and respond to challenges with creative solutions or services using intuition and experimentation, with a focus on perspective, technical savvy and innovation.
Ability to find relevant information efficiently, using it effectively, and identify gaps in the information gathered. Ability to identify and use effectively information or data to confirm facts, reaffirm the results of previous work, solve new or existing problems, and / or develop new approaches.
Ability to understand business issues, processes and outcomes to apply that understanding in enhancing business performance.
Understand and use relevant legislation, policies, procedures, and / or standards in performing’s one’s work. Communication and Team EffectivenessWork closely with business and IS staff and members of Dev / Ops value streams.
Listen to others and communicate in an effective manner utilizing both verbal and written channels to foster and promote open communication, with a focus on clarity, active listening and presentation skills.
Prevent, manage and / or resolve conflict.Embrace and enable the process of change and transition while helping self and others move confidently through uncertainty, ambiguity and transition.
Centre of Expertise Contribute to the Security COE Knowledge Base : Build, mature and deliver capabilities that are appropriate for the client within the Security domainHelp define and follow policies and standards related to Security domain.
Contribute to knowledge sharing among peers. Proactively share knowledge with members of IS to help them adopt Security best practices.
Security Analyst DevOps Mandatory Skills3+ years' experience in information security, with 1+ year applied experience within a large environment.
3+ years' experience working in an Agile Dev / Ops environment, with applied experience in software development.Strong interpersonal and communication (verbal and written) skills to interface with multiple levels of management, personnel, clients, and vendors.
Strong analytical / problem solving, organizational, and project control skills to support excellence in delivery and customer service.
Strong applied and theoretical knowledge of security principles and practices such as ISO 27000, NIST 800-53, Payment Card Industry Data Security Standards (PCI DSS).
Familiarity with using risk assessment methodologies / concepts. Technical and / or security administrative experience with Microsoft based application development, operating systems, and database platforms.
Ability to prioritize work in a multi-project environment, and to take ownership on issues and follow through to resolution.
University degree or college diploma in Computer Science, Computer Engineering, Information Security or a related IT discipline is strongly preferred.
Alternatively, extensive proven track record in the position’s primary responsibility areas within the Financial Sector.
Security Analyst DevOps Mandatory SkillsOne or more of the following certifications would be highly desirable :