Current jobs related to Security Analyst - Toronto - Greenp

POSITION SUMMARY The Security Information Analyst will assist the Toronto Parking Authority with the design, development and implementation of its security awareness plan and security initiatives to help ensure that the best possible measures are in place to maintain secure operations. The role will be focused on executing threat risk and vulnerability analysis (TRVA). In addition, this role will oversee risk remediation activities, in order to enable both operational and project teams to safely and securely manage their departments. This role will also be responsible to help monitor, evaluate and maintain systems and procedures to safeguard TPA information and systems while developing and implementing strategies, policies and procedures for the continued security of the organization.RESPONSIBILITIESThreat Monitoring: Continuously monitor network traffic, security alerts, and system logs to identify potential security incidents and vulnerabilities, with a focus on cardholder data protection.PCI-DSS Compliance: Ensure adherence to PCI-DSS requirements, including maintaining compliance with all relevant standards and controls for handling and protecting cardholder data.Incident Response: Respond promptly to security breaches or attacks, including investigating and analyzing incidents involving cardholder data, and implementing corrective measures to address any PCI-DSS violations.Risk Assessment: Conduct regular risk assessments and security audits with a focus on PCI-DSS compliance to identify potential threats and vulnerabilities and recommend mitigation strategies.Security Measures: Develop, implement, and enforce security policies, procedures, and best practices to enhance overall security and ensure PCI-DSS compliance.Vulnerability Management: Perform regular vulnerability scans and assessments, addressing identified weaknesses in systems and applications, and ensuring compliance with PCI-DSS requirements.Compliance Monitoring: Monitor compliance with PCI-DSS controls and procedures, including data encryption, access control, and network security measures.Documentation: Maintain detailed records of PCI-DSS compliance activities, security incidents, investigations, and responses, and prepare reports for management and regulatory bodies.Security Awareness: Educate and train staff on PCI-DSS requirements, security best practices, and organizational policies to promote a culture of security awareness and compliance.Collaboration: Work closely with IT, development, and management teams to integrate PCI-DSS requirements into system designs and operational procedures.Tool Management: Utilize and manage security tools and technologies, including firewalls, intrusion detection systems, and encryption software, to safeguard the organization’s digital assets in compliance with PCI-DSS.Engage with QSA: Collaborate with Qualified Security Assessors (QSAs) to ensure compliance with PCI-DSS standards, prepare for formal assessments, and address any identified gaps or recommendations.QUALIFICATIONS:Bachelor's degree in computer science, Information Security, or a related field.Relevant certification (e.g., CISSP, CEH, CompTIA Security+, PCI Professional) are considered an asset.Minimum 5 years of experience in an Information Security role.Minimum 5 years of experience with administration of various security products such as Palo Alto, CrowdStrike, Cisco ASA and Checkpoint, Microsoft Defender, Microsoft Purview and Symantec endpoint protection, Qualys and Tenable network and web application scanner, CIS benchmarks.Demonstrated knowledge of and/or familiarity with standards and frameworks such as PCI-DDS, ITIL, COBIT, ISO/IEC 31000 series, ISO/IEC 27000 series, SOC 2.Demonstrated experience in undertaking security threat and risk assessment using an industry recognized framework equivalent to the Harmonized Threat and Risk Assessment methodology.Proven experience with LogRhythm or Splunk solutions.Previous experience conducting IT audits considered an asset.Threat Risk Vulnerability Assessment (TRVA) training.Knowledge of current network, operating systems, hardware, protocols, and standards.Excellent analytical skillsDemonstrated ability in solving I.T. issues, problems and possessing a sense of urgency.Demonstrated integrity in dealing with information and issues of a highly confidential and sensitive nature.Diligent, detail-oriented, and possess a success-driven work ethic. Demonstrates Commitment to Environment, Health & Safety: Manages risks to protect the health and safety of employees and the public.Able to perform forensic collections of data and to conduct detailed forensic analysis task including data recovery, production of forensic images and compilation of forensic examination reportsAbility to collect and manage of evidence to ensure that the chain of custody is fully documented in accordance with local statutes and policies.Experience In use of forensic and data mining tools to collect, search, recover, sort and organize large amounts of information in all phases of an investigation.A proven team player & ability to interact and work with people with a variety of backgrounds and at different levels within the organization.Internal candidates: No new or reclassified employee with less than one (1) year’s continuous on the job service may apply.About the Toronto Parking AuthorityToronto Parking Authority (TPA) is the largest municipal parking operator in North America, third largest bike share operator and largest operator of municipally owned EV charging in Canada. At the Toronto Parking Authority, we aspire to create a seamless customer experience that delivers on choice, ease, and speed through the City. We are proud to be a major strategic asset for the City in supporting Toronto’s Mobility goals. Our advancements, such as enhancements to the Green P app, the expansion of Bike Share Toronto and establishment of a new systems operating centre reflect our commitment to innovation and service excellence.Join us in Driving (and Riding and Charging) Last Mile MobilityWe recognize that our people are how we make this happen. It’s why we have a company culture that values safety, respect and integrity. We strive to be a great place to work: As an employee, you’ll experience professional and organizational growth within a collaborative environment where all our efforts are aligned: to deliver on our vision to become the world’s best provider of sustainable parking, bike share and last mile mobility.Come and experience what it’s like to work at TPA, where our Rules of the Road guide us: We will win and celebrate as a team; We are passionate about our customers and stakeholders; We will set targets, keep score and win; We will act with a sense of urgency; and We will be respectful, courteous, and accountable.We are growing. We are mobility. We are TPA.About the Application ProcessAs employees we all share in maintaining a safe environment for customers and visitors and a safe work environment for TPA employees. This environment always promotes and exemplifies our Core Values of Safety Always, Respect and Value Differences, and Act with Integrity.TPA is committed to equity, diversity, anti-racism and inclusion in the delivery of its services and workplaces. TPA is committed to fostering a diverse workforce that is representative of the community it serves at all levels of the organization, and supports an inclusive environment. TPA welcomes applications from members of groups with historical or current barriers to equity, including but not limited to Black and racialized groups, women, Indigenous peoples, persons with disabilities, people from the LGBTQ(IA2S+) community, and others with the skills and knowledge to productively engage with diverse communities. We seek to maintain our commitment to excellence and recognize that increasing the diversity of our employees supports this objective. We are dedicated to equal opportunity.TPA encourages applications from all qualified applicants and is committed to providing accessible employment practices that are in compliance with the Accessibility for Ontarians with Disabilities Act (‘AODA’). If you require accommodation for disability during any stage of the recruitment process, please notify Human Resources.TPA has an Employment of Relatives Policy which controls relatives of current employees from being hired, assigned, transferred or promoted into positions where there is a conflict of interest due to relationship. Should you be selected for an interview, you will be asked to disclose the name, relationship and position of any relative who is a current TPA employee.We thank all applicants; however, only those selected for an interview will be contacted. #J-18808-Ljbffr