Cyber Security Analyst

**Cyber Security Analyst**

As a member of the Cybersecurity and Compliance team, the Cybersecurity Analyst will oversee the monitoring and analysis of AutoCanada’s Information and Computing Technology (ICT) and data from a cybersecurity and data security perspective. They will develop security playbooks for Cybersecurity incident detection and response, analyze both current and emerging threats, and manage vulnerability and security monitoring tools. They will also collaborate with the End User Computing, Infrastructure, Networking and Business Application Support teams and key suppliers to minimize AutoCanada’s overall cyber risk.

Assignments may require a level of self-management and ability to collaborate with other teams. This includes working autonomously with mínimal supervision.

This position will report to the Senior Manager, Cybersecurity and Compliance.

**Main Responsibilities**
- Actively respond to information security alerts, providing initial analysis, risk categorization and mitigation actions
- Collaborate with internal and external support resources to troubleshoot and drive resolution for Cybersecurity related issues. Participate in escalation and reporting procedures in accordance with Cybersecurity Incident Management policies and processes
- Research, evaluate and develop tactical solutions to security risks and vulnerabilities within the established risk management framework
- Gather data to provide root cause analysis of critical security events and contribute to continuous improvement of existing processes
- Research and collect data as part of Cybersecurity assessments and audits
- Collect and compile data for analysis of technology environments using discovery tools and methods.
- Collaborate with a third-party SOC to ensure that ICT is continuously monitored and that incidents are responded to in accordance with incident response procedures and runbooks.
- Participate in Cybersecurity risk evaluations during the onboarding third-party IT vendors
- Operate a portfolio of Cybersecurity technology and management tools, including mail and content filtering, identity management, vulnerability management and SIEM.
- Participate in tasks related to vulnerability (anti-virus, software/firmware patch) management and periodic system intrusion testing and investigation of exception conditions
- Perform testing procedures for the assurance and validation of IT asset compliance
- Demonstrate an understanding of compliance policies and procedures. Contribute to the development of improved processes and procedures
- Help to administer and champion an enterprise-wide information security education and awareness campaign
- Act as a technical resource for security projects.

**Working Conditions**

***The role has standard working conditions in an office environment with a regular work week from Monday to Friday. Due to the nature of the role, the incumbent must be able to meet deadlines and handle pressure or stress. Occasional travel to sites may be required in this position depending on IT or business project requirements.

**Competencies**
- Inspires others with impactful communications to the audience through speech and writing
- Applies analytical thinking
- Innovates through problem solving
- Learns the business and stays current with industry trends to elevate expertise and work
- Demonstrates organizational and time management abilities
- Collaborates with key internal stakeholders to enable higher productivity
- Works independently with little supervision
- Does the right thing, takes action and adapts to change
- Believes in humility, shares best practices, desires to keep learning, and plays well with others

**Skills and Qualifications**
- Minimum 3 years of overall work experience
- Between 2 to 5 years of experience in Cybersecurity system administration, incident response, and security compliance is preferred
- Experience working with IDS/IPS, DLP, data encryption, SIEM, vulnerability assessment and penetration testing technologies.
- Experience with Windows / Azure / Active Directory / M365 / Okta is highly desirable
- Experience creating and updating information security policies, standards, procedures, and other documentation
- Knowledge of IT or network operations.

**Education/Certification**
- Bachelor’s Degree in an IT discipline, a related field, or equivalent.
- Information Security certifications CISSP, CISM, CISA, CEH, CEPT, PCI QSA, GIAC or similar relevant information security certifications are desirable

**Technical Skills/Knowledge**
- Knowledge of information security processes and functions including asset management, vulnerability management, incident response, risk management, and identity and access management
- Knowledge of standards, frameworks, regulations, and legislation governing information security and privacy (e.g., National Institute of Standards and Technology (NIST), ISO 27001, PCI, CIS Critical Security Controls, Personal Information Prot