Cyber Security Analyst

Do you value integrity and innovation? How about passion and caring? Great Us too, and that's why you'll fit right in. Our intentional culture promotes trust and participation, encouraging you to bring your heart and mind to work every day.

In-scope

Work Location: This role is eligible for hybrid work at the manager’s discretion. This means you’ll have the flexibility of working from home and in the office (any one of the Saskatchewan Branches) on a scheduled rotation.

GENERAL ACCOUNTABILITY

KEY ACCOUNTABILITIES
- Note: This section is not intended to be an exhaustive list of duties and responsibilities - other duties and responsibilities may be assigned._- Provides input for information security policies, standards, controls, and procedures.- Provides technical advice, guidance, training, and support to users, partners, and systems personnel relating to cyber security risks, threats, or issues.- Interacts with other IT Staff to enhance the understanding of security issues and implement solutions.- Assesses and consults on data protection methods (e.g., access controls, encryption, vulnerability management).- Assists in developing appropriate mitigation strategies for identified threats.- Investigates cyber security-related alerts, events, and incidents.- Assists in the response and handling of security breaches, events, escalations, or intrusions that occur within the environment.- Triages incident tickets that come into the cyber security team and works the tickets to remediation.-
- Trends, manages, and tunes security monitoring and alerting solutions.- Monitors security tools, vendor alerts, websites, and periodicals for threat alerts; identifies potential impact; escalates as necessary to management; and acts as appropriate.- Provides alerts trend analysis and metrics recommendations for use in generating “Use Cases” for implementation in SIEM and other security tools.- Prepares automated and ad hoc reports and/or interprets data from various security data sources (e.g., Security & Information Event Management, Intrusion Protection System, Data Loss Prevention).- Participates in vulnerability management/penetration testing, including execution, remediation, and documentation.- Reports results of scanning or testing and provides security recommendations for further system security enhancement directly to area management.- Creates and maintains IT Operations run books for security-related alerts.- Drives security operations improvements through automation and system integrations.- Monitors and ensures established and documented processes for event detection are followed, and provides overall guidance to IT Operations, ensuring all alerts and incidents are addressed in a timely manner and handled thoroughly through to completion.- Contributes to the development and delivery of cyber security awareness training and promotes security awareness to ensure system security.- Reviews and maintains standard operating procedures and protocols pertaining to security events.- Conducts security research to incorporate knowledge of latest security issues and contributes to improving internal processes.- Assists in developing and executing weekly/monthly/quarterly information metrics and event reports.

High Performance Team & Culture- Supports a culture of leadership and accountability to effectively meet the key accountabilities within the scope of the role.- Displays leadership by committing to a culture of continuous learning/development of self and supports others by actively sharing knowledge, providing guidance, mentoring, training, and supporting developmental opportunities.- Demonstrates that the Health, Safety and Emergency Management Policy is applied in area of responsibility for self and others.TECHNICAL KNOWLEDGE & SKILLS- Knowledge of information security best practices, principles, and methodologies.- Knowledge of Cloud, Azure, and associated technologies as they relate to security.- Knowledge of risk management practices and security program development.- Knowledge of end user security awareness programs.- Skill in analyzing and correlating data to identify potential attacks, patterns of attacks, security violations, incidents, and malicious activity.- Skill in evaluating security trends, evolving threats, risks, and vulnerabilities.- Skill in scripting (Python/PowerShell).- Skill in documenting incident handling processes as run books.- Knowledge of IT systems development life cycle and implementation.

EDUCATION & CERTIFICATIONS- Four-year degree from an accredited post-secondary education institution in a relevant field of study, such as Information Technology, Mathematics & Applied Sciences, or defined equivalency.

EXPERIENCE- 1 - 2 years’ relevant experience.

BEHAVIOURAL COMPETENCIES

Leader Level 2 - Applies (Self & Others)- Accountability - Goes Beyond Basic Expectations to Implement Customer/Partner Focused Solutions- Business Acumen - Applies Business Fundamentals and Thinks i