IT Security Analyst

ERCO Worldwide has operated for over 100 years, focused largely on the production and supply of in-organic products along with technology for the production of chlorine dioxide. Today, ERCO’s major business areas include sodium chlorate, chlor-alkali products, sodium chlorite, and chlorine dioxide technology.

The ERCO business serves a number of key customer segments including pulp and paper, food, energy, agriculture, water treatment, airport de-icing, fertilizers and specialty chemicals.

IT Security Analyst

ERCO Worldwide’s century-long tradition of excellence has firmly established its reputation for providing reliable, intelligent, and environmentally responsible manufacturing on a global scale. As one of the largest suppliers of Chlorine Dioxide technology in the world, we are devoted to building genuine customer relationships and delivering innovative, sustainable chemical solutions that improve lives and the health of our planet. It’s our goal to make everyone’s lives more productive, convenient, enjoyable, and safe.

**OUR VISION**:
To be a leader in delivering innovative and sustainable chemical solutions that improve lives and the health of our planet.

**OUR MISSION**:
We endeavour to provide unmatched value and expertise through sustainable, intelligent,
and reliable products and solutions, creating genuine customer relationships.

Job Summary
The IT Security Analyst performs two core functions for the enterprise. The first is the day-to-day operations of the in-place security solutions while the second is the identification, investigation, and resolution of security breaches detected by those systems. Secondary tasks may include involvement in the implementation of new security solutions, participation in the creation and or maintenance of policies, standards, baselines, guidelines, and procedures as well as conducting vulnerability audits and assessments. The IT Security Analyst is expected to be fully aware of the enterprise’s security goals as established by its stated policies, procedures, and guidelines and to actively work towards establishing and upholding those goals.

Major Responsibilities
Strategy & Planning
- Participate in the planning and design of enterprise security architecture, under the direction of the Infrastructure Manager I.T. where appropriate.
- Participate in the creation of enterprise security documents (policies, standards, baselines, guidelines, and procedures) under the direction of the Infrastructure Manager I.T., where appropriate.
- Participate in the planning and design of an enterprise business continuity plan and disaster recovery plan, under the direction of the Infrastructure Manager I.T., where appropriate.

Acquisition & Deployment
- Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes, and the development of new attacks and threat vectors.
- Recommend additional security solutions or enhancements to existing security solutions to improve overall enterprise security.
- Perform the deployment, integration, and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise’s security documents specifically.

Operational Management
- Maintain up-to-date baselines for the secure configuration and operations of all in-place devices, whether they be under direct control (i.e. security tools) or not (e.g. workstations, servers, network devices).
- Maintain operational configurations of all in-place security solutions as per the established baselines.
- Monitor all in-place security solutions for efficient and appropriate operations.
- Review logs and reports of all in-place devices, whether they be under direct control (i.e. security tools) or not (e.g. workstations, servers, network devices). Interpret the implications of that activity and devise plans for appropriate resolution.
- Participate in investigations into problematic activity.
- Participate in the design and execution of vulnerability assessments, penetration tests, and security audits.
- Provide on-call support for end users for all in-place security solutions.

Position Requirements
Formal Education & Certification
- College diploma or university degree in Computer Science and a minimum five years work experience.
- One or more of the following certifications:
1. CompTIA Security+
2. GIAC Information Security Fundamentals

**3. Microsoft Certified Systems Administrator**: Security
4. Associate of (ISC)2
Knowledge & Experience
- Extensive experience with Microsoft Azure, O365, MFA, encryption, SSL, Certificates
- Experience with HP Aruba, Fortinet preferred.
- Working technical knowledge of NAC, Network, Wi-Fi.
- Strong understanding of IP, TCP/IP, SSH, RADIUS and other network administration protocols.
- Strong understanding of ESxi, Windows Operating Systems