Cybersecurity Analyst

**Job Profile**:
Reporting to the Director of I.T., the successful applicant will be responsible and accountable to provide comprehensive cybersecurity analyses and risk mitigation strategies and improvement solutions in support of the overarching protection of our organizations’ digital architecture.

**Job Responsibilities / Duties**:
1. Leading the ongoing risk assessment, incident response, and cybersecurity infrastructure upgrades to keep our organization protected from evolving threats by:

- Mapping and validating the existing cybersecurity controls and assisting in the design and implementation of authorized upgrades and improvements on a scalable project-based basis, including for virus protections, remote access control strategies, intrusion detections, cloud technology protections, etc.;
- Conducting regular and thorough risk and threat assessments to identify potential internal and external vulnerabilities on an ongoing basis and recommending relevant solutions to improve the overall security infrastructure;
- Implementing, testing and supporting all security solutions on an evolving basis;
- Ensuring that all systems are running optimally and proactively anticipating and addressing/mitigating system threats or cybersecurity incidents before they occur;
- Keeping up-to-date with the latest industry news pertaining to cybersecurity or infrastructure problems and flagging any identified issues to the Director of I.T. for resolution;
- Performing server security audits, and ensuring appropriate system backup procedures and recovery processes are in place and adhered to as one mitigation strategy against ransomware attacks;
- Acting as a high-level resource to the Director of I.T. and executive leadership pertaining to disaster recovery and continuity planning for all in-house cybersecurity and digital threat response solutions;
- Developing, implementing, and maintaining a comprehensive disaster recovery plan to ensure business continuity in the event of a natural or man-made disaster;
- Conducting regular tests and drills to assess the effectiveness of the disaster recovery plan;
- Conducting ongoing research on the latest technologies relating to cybersecurity and threat detection and prevention in order to make recommendations to the Director of I.T. in support of keeping the overarching in-house infrastructure up-to-date and cutting edge relative to evolving risks and technologies;
- Implementing and managing security monitoring systems to detect and respond to security incidents in real-time;
- Monitoring and analyzing all networks and computers/devices for unusual activity or suspicious behaviours and notifying the Director of I.T. of the same;
- Providing timely and accurate updates to the Director of I.T.

2. To provide high-level cybersecurity reporting and user support by:

- Maintaining accurate and up-to-date documentation related to security processes, incident response plans, and configurations;
- In collaboration with the Network Systems Administrator, proactively working to ensure all end user devices are kept up to date with the latest operating systems and security updates and overseeing the deployment of company-wide software and critical updates in support of security protections;
- Identifying and reporting any compliance failures to the Director of I.T. for immediate remediation;
- Conducting cybersecurity awareness training for employees and providing guidance and expertise to educate staff on security best practices;
- Ensuring compliance with industry standards, regulations and best-practices;
- Conducting regular security audits of all user accounts to ensure staff compliance with regulations, standards and internal policy;
- Documenting incident details, root cause analysis and lessons learned for continuous improvement;
- Coordinating any government/regulatory body cybersecurity compliance reporting required of the organizations in accordance with applicable deadlines and requirements, and under the overarching directions of the Director of I.T..

3. Other job duties and special projects as may be assigned by the Business Manager, Director of I.T. and/or the Human Resources Department.

**Job Requirements**:

- Post-secondary education in Computer Engineering, Cybersecurity Engineering, or a related field;
- Certification/designation specific to cybersecurity credentials such as CISSP, CISM, CRISC, etc.;
- 5+ years experience in a comparable cybersecurity or digital threat assessment role;
- A strong technical background with direct experience in the protection of data and I.T. systems;
- Critical troubleshooting skills with experience in outage management and recovery;
- Proven experience in the design, implementation and support of network security solutions aligned with industry best practices;
- Ability to work in a hands-on capacity to diagnose and resolve complex technical issues;
- Solid understanding of networking, switches, VMware/ESXi Host Service Infrastruct