Cybersecurity Analyst

Siskinds LLP is a leading law firm located in Southwestern Ontario. We are a team of over 240 lawyers and business professionals covering personal legal services, business law, personal injury law, and class actions law as well as over 25 specialized practice areas. We help clients make the right legal choices, manage their legal affairs, and resolve complicated matters. Our culture and working style strive to make our clients’ experiences comfortable, reassuring, and productive while delivering excellence in the services we provide.
Cybersecurity Analyst - Full Time
What are you looking for?
- Be part of a cohesive team that promotes collaboration and teamwork
- Competitive compensation and benefits
- Professional development opportunities
- Strength of a big firm with the culture of a small firm
- Subsidized downtown parking
- Working within State-of-the-art building

Who are we looking for?

**Qualifications**:

- Bachelor of Computer Science degree, or related discipline.
- CISSP, Security+, or equivalent certification required.
- 5+ years of experience in enterprise cybersecurity.
- Skilled in the following enterprise technologies:

- Threat detection
- Security Information and Event Management
- Vulnerability management
- Incident response
- Forensics
- Network security
- Endpoint protection
- Identify and Access Management
- Knowledge of cloud infrastructure, cloud security, and data protection.
- Strong grasp of TCP/IP, networking, and security frameworks.
- Committed to continuous learning in cybersecurity.
- Familiar with Canadian privacy laws, PCI DSS, and SOC 2 compliance.
- Proficient in PowerShell scripting.

Key Responsibilities
Strategic & Operational Security
- Monitor emerging threats, technologies, and compliance standards.
- Evaluate and recommend innovative security tools and frameworks.
- Develop and maintain continuity, incident response, and recovery strategies.
- Drive proactive security upgrades and system hardening initiatives.
- Ensure consistent secure configurations across all systems.
- Coordinate audits and penetration tests; manage remediation of vulnerabilities.
- Advise internal teams on security-related matters.
- Perform compliance reviews to verify adherence to operational standards.
- Report system performance and security posture to leadership.
- Lead incident response efforts from detection through resolution.

Security Tools & Infrastructure
- Manage firewall configurations and endpoint protection tools.
- Administer enterprise security across Microsoft 365, Purview, Azure, Intune, Entra ID, and Active Directory (DNS, DHCP, GPO).
- Lead evaluation and deployment of new security solutions through proof-of-concept initiatives.

Compliance and Risk Management
- Conduct audits, compliance reviews, and vulnerability assessments.
- Align practices with NIST CSF, CIS Controls, PCI DSS, and ITIL frameworks.
- Develop and enforce security documentation, policies, and procedures.
- Ensure compliance with Canadian privacy laws and other regulations.
- Maintain secure configurations and baselines for all systems and assets.
- Monitor and update security solutions to ensure optimal performance and protection.

Security Monitoring and Incident Response
- Develop and maintain cybersecurity incident response plans.
- Monitor server logs, firewall logs, intrusion detection logs, alerts, and network traffic for unusual or suspicious activity.
- Investigate alerts to interpret activity and implement measures or make recommendations for resolution or improving overall security posture.

Training & Awareness
- Deliver cybersecurity training and phishing simulations.
- Lead awareness campaigns to improve organizational security posture.
- Oversee the dissemination of end-user information and training including developing and executing ad-hoc awareness campaigns to measure and improve the organization’s security posture.
- Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, best practices, improved processes, and the development of new attacks and threat vectors.

Operational Management
- Respond to cybersecurity incidents, including potential extended hours or on-call availability with mínimal notice.
- Detect and address insecure features and malicious activity within networks and infrastructure.
- Proactively identify, prevent, and resolve cybersecurity threats.

**Contact Information**:
Siskinds, London Head Office
**Attention**: Human Resources, 275 Dundas Street, Unit 1 London Ontario N6A 3V8