Cyber Security Analyst

Department: Engineering

Reports To: VP, Operations

Location: Virtual (Calgary)

**COMPANY OVERVIEW**

**Our purpose is to create meaningful connections and infinite scalability.**

Based in Canada with a primary office in Calgary, Alberta — and boasting clients hailing from all over the world — JumpDEMAND is the company behind the highly successful ActiveDEMAND marketing automation platform, considered our flagship offering. ActiveDEMAND started as a digital marketing agency with a vision: build a modern tool set for the multi-client marketer.

ActiveDEMAND was launched in 2012, though the conceptualization of ActiveDEMAND has been materializing since 2005. Since 2002, the founders have constructed a plethora of tools and systems to not only effectively market products and services, but to bridge the gap between marketing and sales. Fast forward to today, ActiveDEMAND has evolved and transformed into something much more than just a Marketing Automation Platform, driven by innovation and forward-thinking, ActiveDEMAND delivers actionable insights to all their clients.

**JOB SUMMARY**

**Are you passionate about cybersecurity and ready to make a real impact? Do you thrive in dynamic environments where your expertise helps shape the future of secure operations?**

We’re looking for a Cyber Security Analyst to join our team and play a key role in protecting our people, systems, and data. Reporting directly to the Vice President of Operations, you’ll lead the charge in developing and enforcing security policies, delivering engaging company-wide security awareness training, and supporting external security assessments.

If you're a proactive problem-solver with a strong understanding of cybersecurity best practices we’d love to hear from you

**RESPONSIBILITIES**
- Ensuring ActiveDEMAND’s software is secure and managing all potential risks, including performing security audits, vulnerability assessments, threat intelligence, and system maintenance.
- Overseeing people and process security, including providing security training, policy creation and enforcement, and stakeholder communication.
- Managing incident response and recovery, including monitoring network activity, responding promptly to security breaches/incidents, and developing and testing ActiveDEMAND’s disaster recovery.
- Collaborating with vendors/stakeholders to ensure they meet ActiveDEMAND’s security requirements and assisting with security assessments/vulnerability tests when necessary.
- Performing both internal and external audits to ensure ActiveDEMAND is following its own security policies and is compliant with any relevant regulations.
- Staying up-to-date on the latest cyber threats, malware, and attack methods to anticipate and defend against them.
- Overseeing the installation and maintenance of security software such as firewalls and anti-virus programs, ensuring all systems are patched and up-to-date.
- Creating and delivering security awareness training for all employees, including educating them on topics such as phishing, social engineering, and safe handling of company devices.
- Developing, documenting, and enforcing security policies and procedures for the entire company, including password policies, remote work security, and physical security for laptops and other devices.
- Serving as the point of contact for our clients regarding security-related issues, explaining complex technical concepts to non-technical staff and management.
- Observing and tracking network activity and security alerts for suspicious behavior.
- Responding promptly to security incidents by investigating the breach, containing the damage, and coordinating the recovery effort to restore systems and data.
- Developing and regularly testing ActiveDEMAND’s disaster recovery and business continuity plans to ensure a timely and effective response to any major security event.
- Collaborating with and vetting third-party vendors to ensure they meet ActiveDEMAND's security requirements.
- Assisting vendors/stakeholders with security assessments and vulnerability tests, providing them with necessary information, and interpreting their findings.

**QUALIFICATIONS**
- Education and Experience: _
- Degree in Computer Information Systems, Information Security, Computer Science, Engineering, or equivalent.
- 3 - 5 years of professional experience working in cybersecurity, information security, or related IT roles.
- Security certification is considered an asset.
- Skills and Knowledge: _
- Strong knowledge and understanding of the latest cyber threats, including the methods to defend against them.
- Comprehensive awareness of security monitoring, incident response, and vulnerability management practices.
- Strong background in process documentation, policy development, and audit preparation.
- Proficient understanding of and exposure to cloud security best practices.
- Demonstrated ability to create and deliver security awareness training programs to both internal tea