IT Security Analyst

Job Title: IT Security Analyst - Cyber Threat Response Specialist

Job Summary

We are seeking a highly skilled IT Security Analyst to join our team at Mount Allison University. The successful candidate will be responsible for monitoring, analyzing, and responding to cyber security events and incidents within the enterprise IT environment.

Responsibilities

• Monitor and analyze security events and alerts from various sources, including Security Information and Event Management (SIEM) systems, network devices, firewalls, antivirus, intrusion detection and prevention systems, applications, IoT devices, cloud services, and vulnerability scanners.
• Perform security incident response activities, including triage, assessment, containment, eradication, recovery, and post-incident analysis and reporting.
• Identify, assess, and prioritize cyber security risks and vulnerabilities, and provide mitigation strategies and solutions.
• Assist with the development and operation of vulnerability and patch management activities.
• Support the development and implementation of security policies, standards, procedures, and guidelines.
• Assist with the development of secure baseline configurations and best practices for University systems and applications.
• Assist with the installation, configuration, maintenance, and troubleshooting of security tools and systems.
• Perform security audits and assessments of new and existing systems, applications, and third-party services to ensure compliance with security standards, policies, and procedures.
• Work with third-party vendors to ensure compliance with security policies, standards, procedures, and guidelines.
• Conduct security research and analysis on emerging threats, trends, and best practices, and share findings and recommendations with other CSD staff.
• Provide security awareness and education to the organization's staff and stakeholders on cyber security topics and issues.
• Maintain an in-depth knowledge of security technologies through formal training, seminars, and self-directed study.

Requirements

• A bachelor's degree in computer science, Information Systems, Cybersecurity, or a related field.
• A minimum of seven to ten years of Information Technology experience, with some direct exposure to IT security operations, analysis, or incident response.
• Experience with one or more Security Information and Event Management (SIEM) systems, such as QRadar, Microsoft Defender, Splunk, or FortiSIEM.
• Excellent written and oral communication skills, and the ability to communicate effectively with technical and non-technical audiences.
• Problem identification and resolution skills, with demonstrated ability to analyze complex and ambiguous situations and provide timely and effective solutions.
• High attention to detail with the ability to focus on complex technical information for long periods. Ability to work with sensitive information and manage risk in situations where the consequence of error is significant.
• Demonstrated ability to learn new skills and keep up to date with advances in Information Technology and Cybersecurity.
• Desire and willingness to work independently, often with a high degree of autonomy, within a collaborative, innovative, and flexible environment.
• Ability to handle multiple projects, work under pressure, and meet deadlines.
• Certifications in cybersecurity, such as CISSP, CISM, CEH, GCIH, or GCIA, are desirable but not required.

Preferred Qualifications

• Knowledge of security principles, frameworks, standards, and best practices, such as NIST CSF, ISO 27001, or SOC2.
• In-depth knowledge of several security domains, such as network security, endpoint security, application security, identity and access management, cryptography, and security governance and risk management.
• Knowledge of security threats, vulnerabilities, exploits, and attack vectors, and the ability to identify and analyze malicious activities and indicators of compromise.
• Broad knowledge of security tools and technologies, such as SIEM, firewalls, antivirus, intrusion detection and prevention systems, proxy servers, vulnerability scanners, digital certificates, security auditing and assessment software, and encryption tools.
• Knowledge of and experience with multiple operating systems, including Windows, Linux, and macOS, and the ability to perform security administration and maintenance tasks in a multi-platform environment.
• Exposure to cloud computing environments, such as Amazon Web Services, Microsoft Azure/Office 365, or Google Cloud Platform.
• Knowledge of networking protocols, such as TCP/IP, UDP, HTTP, HTTPS, SSH/SFTP, and DNS, and the ability to perform network analysis and troubleshooting tasks.
• Knowledge of scripting languages, such as Python, PowerShell, or Bash, and experience automating tasks and processes.

Mount Allison University is committed to diversity and inclusiveness. We encourage applications from members of racialized communities, Indigenous persons, persons with disabilities, and persons of all sexual and gender identities.

We thank all applicants for their interest, however, only those selected for an interview will be contacted.

Visit our website at https://www.mta.ca/ for other employment opportunities at Mount Allison University or to register to receive e-mail notification of new opportunities.