Reporting to the Senior Manager of IT Planning, the Analyst, IT Security is responsible for protecting Northwestel’s IT assets from security breaches that could lead to data loss or service interruptions.
This is accomplished by performing device management, configuration changes, monitoring, and troubleshooting for security devices such as firewalls, SEIM system (Security Event and Incident Management), VPN devices, host intrusion prevention appliances, anti-virus, anti-spam appliances, and data loss prevention infrastructure.
The Analyst, IT Security is expected to stay up-to-date on the latest intelligence, including hackers’ methodologies, in order to anticipate security breaches.
The Analyst, IT Security must understand the diverse security infrastructure that supports Northwestel’s business and be able to differentiate and respond to the unique operational and security requirements.
The incumbent must have a comprehensive knowledge of both technical and operational network security best practices and significant experience in a wide variety of technology platforms and security services that Northwestel supports.
The Analyst, IT Security must identify and compare technological capabilities that are required to support a particular security service, and identify technological gaps where more development is needed.
Northwestel values diversity in the workplace and is committed to the goals of Employment Equity. We strive to achieve a skilled workforce that is representative of the population we serve, and as a Northern company, we are committed to the employment and career development of our Indigenous peoples.
Candidates must clearly indicate on their application if they are an Indigenous person, a woman, a person with a disability, or a visible minority if they wish to receive hiring preference.
Monitors, reviews, and interprets security alerts and notifications and provides an initial response, analysis, and incident management.
Assesses and establishes mitigation steps to ensure appropriate incident treatment and informs the Architect, IT Security, Corporate Security, and Northwestel management as appropriate.
Manages a variety of security devices such as VPN, firewall, SEIM system, host intrusion prevention systems, identity and access programs, data loss prevention systems, anti-virus, and anti-spam systems.
Configures and maintains security devices and appliances as well as provides general knowledge and recommendations for security best practices to Northwestel, as required.
Adheres to strict security and associated authentication protocols when dealing with all levels of security requests.
Creates updates and maintains documentation related to security assets, controls, incidents, and breaches.
Compiles analyzes and makes decisions based on metrics from security devices.
Reports security metrics to Senior Manager of IT Planning for presentation to Northwestel management and or Corporate Security when required.
Available for call-outs after normal business hours in the event of a security incident.
Knowledge and Competencies Required
This position requires the following qualifications and competencies :
Degree or diploma in Computer Science, Technology or Information Assurance.
Professional certifications : GIAC, CISSP, CISM, Juniper JUNOS SRX Platform, AJSEC, JNCIS-SA.
Minimum of five (5) years of information systems experience, a combination of relevant experience, and Information Security certifications may be considered.
Strong working knowledge of security operational policies, procedures and the ability to interpret SIEM alerts and supporting technologies.
Working knowledge of risk assessment methods as it relates to vulnerability management.
Understanding of mitigation safeguards and responses at the systems, network, and application level (VPN, Firewalls, Intrusion Detection, system hardening, single sign-on, encryption technologies).
Demonstrated experience troubleshooting security solutions including authentication, authorization, encryption, and audit capabilities as part of an overall system design.
Proven communication, presentation, documentation, and interpersonal skills.
Knowledge of PCI, NIST, CIS, SANS, ISO 27001, or other security frameworks are considered assets.
As part of the recruitment process for this position, candidates may be required to take pre-employment tests and / or complete a work simulation exercise to assess job fit.
Applications will be accepted until 11 : 59, Sunday, July 6, 2021
As a safety-conscious COR™ Certified organization, we have an established and comprehensive safety program. We expect all employees to participate in our organizational health and safety programs, adhering to all safe work procedures focused on continuous improvement.