Vulnerability Management Analyst
4 weeks ago
About This Role
Vos principaux rôle et responsabilités
Être un collaborateur individuel et excellent joueur d’équipe qui a à cœur d’améliorer et de soutenir l’entreprise. Coordonner et gérer la correction diligente des vulnérabilités de sécurité à travers un éventail de technologies. Repérer, résoudre et documenter tout faux positif dans les résultats d’évaluation des vulnérabilités. Posséder une bonne connaissance pratique de l’architecture Rapid7, des moteurs de balayage, des serveurs de collecte, des agents, des constructeurs de requêtes, des objectifs et des projets. Collaborer avec les équipes des applications et les responsables de secteurs pour soumettre des lettres de risque afin de se conformer avec le cadre de sécurité informatique et de gestion des risques de l’entreprise. Effectuer des évaluations hebdomadaires, mensuelles et ponctuelles de la vulnérabilité des serveurs, des systèmes utilisateur, des ressources réseau, des ressources publiques et des bases de données à l’aide de Rapid7, Burp Suite, SonarSource, Qualys, ou Mend. Gérer les configurations d’analyse, notamment le groupement des ressources, l’authentification appropriée, la mise à jour des modèles de balayage, la mise à jour des pools de moteurs de balayage et la programmation des analyses et des rapports. Gérer et dépanner les outils de gestion des vulnérabilités. Surveiller l’état général de l’analyse des vulnérabilités, la vérification de l’état du moteur et la génération de rapports, et s’assurer de la réussite du balayage avec l’authentification appropriée. Dépanner les balayages afin de détecter les ressources manquantes ou les balayages de ressources ayant eu une authentification incorrecte ou un échec d’authentification. Créer des demandes d’assistance auprès du fournisseur d’outils d’analyse pour obtenir un soutien approprié. Démontrer une bonne expérience pratique des outils DAST, SAST et SCA. Faire le suivi de la correction des vulnérabilités au moyen du système de demandes d’assistance et effectuer une validation à l’aide d’analyses ponctuelles. Se coordonner avec les équipes principales de réseau, de points de terminaison et de serveurs pour discuter des correctifs qui ne sont pas appliqués depuis longtemps, du niveau de correctif cible et des vulnérabilités courantes qui sont couvertes par le correctif correspondant. Connaitre la méthode d’évaluation des vulnérabilités CVSS (Common Vulnerability Scoring System), les concepts d’exploitation et de mises à jour correctives. Avoir une bonne connaissance des vulnérabilités des applications web, des outils d’évaluation et des méthodologies. Avoir au moins 3 ans d’expérience pratique avec les outils de détection des vulnérabilités susmentionnées et 5 à 8 ans d’expérience dans le domaine de la sécurité de l’information. CEH, Rapid7 Certified Administrator (obligatoire), Qualys Certification (obligatoire), Security+, ITIL ou d’autres certifications en matière de sécurité sont requises. Le poste sera offert au candidat sélectionné dont la performance durant l’entretien et la vérification des antécédents et des références seront positives. Ouvert uniquement aux candidats qui sont physiquement présents au Canada au moment de la candidature et qui sont citoyens canadiens ou résidents permanents. Ce poste n’est pas ouvert aux candidats titulaires d’un visa ou d’un permis de travail.Your main role and responsibilities
Be an individual contributor and a great team player with a mindset to improve and support the business. Co-ordinate and manage timely remediation of security vulnerabilities across various technologies. Identify, resolve, and document any false positive findings in vulnerability assessment results. Have a good hands-on knowledge with Rapid7 architecture, scan engines, collector servers, agents, query builder, goals, and projects. Collaborate with application teams and business unit owners to submit risk letters to comply with the organization's IT Security and Risk Management Framework. Perform weekly/monthly and ad-hoc vulnerability assessments for servers, user systems, network assets, public-facing assets and databases using Rapid7, Burp Suite, SonarSource, Qualys, or Mend. Manage scan configurations, including asset grouping and appropriate authentication; update scan templates; update scan engine pool; and schedule scans and reports. Manage and troubleshoot vulnerability management tools. Monitor overall vulnerability scan status, engine health check, report generation and ensure successful scan completion with proper authentication. Troubleshoot scans for any missing assets and assets scanned with improper authentication or authentication failure. Open support case with scanning tools vendor for appropriate support. Demonstrate good hands-on working experience with DAST, SAST & SCA tools. Track vulnerability remediation via ticketing system and perform validation by ad hoc scans. Coordinate with the core network, endpoint teams and server teams to discuss patches that are not applied for a longer time, target patch level, CVEs covered by the corresponding patches. Be knowledgeable of the Common Vulnerability Scoring System (CVSS) vulnerability assessment method, operation concepts and corrective updates. Have good knowledge of web application vulnerabilities, assessment tools and methodologies. Have a minimum of 3 years of hands-on experience working with above said vulnerability tools and 5 to 8 years of experience in the information security domain. CEH, Rapid7 Certified Administrator (Mandatory), Qualys Certification (Mandatory), Security+, ITIL or other security certifications are required. Job offer is based on the positive screening & interview along with the positive background & reference check. This position is only open to candidates who are physically present in Canada at the time of application and are Canadian citizens or permanent residents. This job is not open to candidates on a Work Visa/Work Permit.Position Type
RegularCAE thanks all applicants for their interest. However, only those whose background and experience match the requirements of the role will be contacted.
Equal Opportunity Employer
CAE is an equal-opportunity employer committed to diversity, equity, and inclusion. As "One CAE," we take affirmative action to ensure equal opportunity for all applicants regardless of race, nationality, colour, religion, sex, gender identity and expression, sexual orientation, disability, neurodiversity, Veteran status, age, or other legally protected characteristics.
If you don't see yourself fully reflected in every job requirement listed in the job posting, we still encourage you to reach out and apply. At CAE, everyone is welcome to contribute to our success. If reasonable accommodation is needed to participate in the job application or interview process, please get in touch with us at .
-
Analyst
2 weeks ago
edmonton, Canada Gold Investment Management Ltd. Full timeGold Investment Management Ltd. is a boutique portfolio management company located in downtown Edmonton. We are seeking a permanent, full time Analyst to join our team. Under the guidance and supervision of Senior Portfolio Managers: You will work closely with our clients to build long-term relatio
-
Analyst
1 week ago
Edmonton, Alberta, Canada Gold Investment Management Ltd. Full timeGold Investment Management Ltd. is a boutique portfolio management company located in downtown Edmonton. We are seeking a permanent, full time Analyst to join our team.Under the guidance and supervision of Senior Portfolio Managers: You will work closely with our clients to build long-term relatio
-
Cyber Security Analyst
1 week ago
Edmonton, Canada AutoCanada Inc. Full time**Cyber Security Analyst** As a member of the Cybersecurity and Compliance team, the Cybersecurity Analyst will oversee the monitoring and analysis of AutoCanada’s Information and Computing Technology (ICT) and data from a cybersecurity and data security perspective. They will develop security playbooks for Cybersecurity incident detection and response,...
-
Security Guard, Edmonton Vulnerable
2 weeks ago
Edmonton, Canada Backwoods Security Services Full time**Backwoods Security is currently seeking experienced full-time Security Guards to work Edmonton Vulnerable Sector** **Wage**:$18.00 / Hour **Shift: 12 Hour shifts** **What we offer**: - Competitive Health Benefit Package - All uniforms and PPE - Career growth opportunities **Responsibilities**: - Maintain a safe and secure environment for our clients...
-
Security Guard, Edmonton Vulnerable
3 days ago
Edmonton, Canada Backwoods Security Services Full time**Backwoods Security is currently seeking experienced full-time Security Guards to work Edmonton Vulnerable Sector** **Wage**:$18.00 / Hour **Shift: 10 Hour shifts,** **(Friday, Saturday & Sunday from 8pm to 6am)** **What we offer**: - Competitive Health Benefit Package - All uniforms and PPE - Career growth opportunities **Responsibilities**: -...
-
Policy Analyst
2 weeks ago
Edmonton, Canada Beverage Container Management Board Full time**About the BCMB** The Beverage Container Management Board (BCMB) is the regulatory authority for beverage container recycling in Alberta. Established as a management board under Alberta’s Environmental Protection and Enhancement Act (EPEA), the BCMB is also a non-for-profit organization. BCMB leads the development of policy and programs that enables the...
-
Security Analyst
3 weeks ago
Edmonton, Canada CWB Financial Group Full timeAt CWB , we strive to build value for the people who choose us every day: our people, our clients and our investors. We do this by: - Putting people first and building relationships with intention- Seeking out and embracing new ideas- Believing that how we do things is as important as what we do Security Analyst Role Specifications Everyday flexibility....
-
Cybersecurity Analyst
2 months ago
Edmonton, Canada Cybera Full timeCybera is part of the National Research and Education Network (NREN) who are working collaboratively to design and deploy a federated Security Operations Centre (CanSSOC). CanSSOC is developing a Security Operations Centre (SOC) that will support the effective detection and response of cybersecurity threats critical to managing and reducing the growing...
-
Cybersecurity Analyst
2 weeks ago
Edmonton, Canada Cybera Full timeCybera is part of the National Research and Education Network (NREN) who are working collaboratively to design and deploy a federated Security Operations Centre (CanSSOC). CanSSOC is developing a Security Operations Centre (SOC) that will support the effective detection and response of cybersecurity threats critical to managing and reducing the growing...
-
Cyber Security Analyst
1 week ago
Edmonton, Alberta, Canada AutoCanada Inc. Full timeCyber Security AnalystAs a member of the Cybersecurity and Compliance team, the Cybersecurity Analyst will oversee the monitoring and analysis of AutoCanada's Information and Computing Technology (ICT) and data from a cybersecurity and data security perspective. They will develop security playbooks for Cybersecurity incident detection and response, analyze...
-
Enterprise Data Management Analyst
3 weeks ago
Edmonton, Canada AIMCo (Alberta Investment Management Corporation) Full timeDEPARTMENT: Data Management - CLOSING DATE: - March 2, 2024 Opportunity We are currently recruiting for the role of an Enterprise Data Management Analyst. This individual will collaborate directly with key stakeholders in business and technology to enforce data management best practices within AIMCo. Furthermore, the Analyst will undertake data quality...
-
Security Analyst
1 week ago
Edmonton, Alberta, Canada CWB Financial Group Full timeAtCWB, we strive to build value for the people who choose us every day: our people, our clients and our investorsWe do this by: Putting people first and building relationships with intention Seeking out and embracing new ideas Believing that how we do things is as important as what we doSecurity AnalystRole SpecificationsEveryday flexibility. Hybrid work...
-
Security Analyst
4 weeks ago
Edmonton, Canada Government of Alberta Full time**Job Information** Job Requisition ID: 48175 Ministry: Health Location: Edmonton Full or Part-Time: Full Time Hours of Work: 36.25 hours per week Permanent/Temporary: Ongoing Scope: Open Competition Classification: System Analyst Level 2 **Salary**: $2,718.86 to $3,733.10 bi-weekly ($70,962 - $97,433/year) The Ministry of Health leads work in the areas...
-
Enterprise Data Management Analyst
1 week ago
Edmonton, Alberta, Canada AIMCo (Alberta Investment Management Corporation) Full timeDEPARTMENT:Data Management CLOSING DATE: March 2, 2024OpportunityWe are currently recruiting for the role of an Enterprise Data Management Analyst. This individual will collaborate directly with key stakeholders in business and technology to enforce data management best practices within AIMCo.Furthermore, the Analyst will undertake data quality assurance...
-
IT Security Analyst Iv
3 weeks ago
Edmonton, Canada WCB Alberta Full timeAs an equal opportunity employer, we are looking to build a diverse workforce that reflects the diversity of our clients and the customers we serve. Learn more about working for WCB at Careers - WCB Alberta Job Title: IT Security Analyst IV **Job Type**: Permanent / Full time Job Location: Edmonton, Alberta IT Security Analyst IV Business Technology...
-
Security Guard, Edmonton Vulnerable Sector
2 months ago
Edmonton, Canada Backwoods Energy Services Full timeBackwoods Security is currently seeking experienced full-time Security Guards to work Edmonton Vulnerable Sector Wage: $18.00 / Hour Shift: 8 - 12 Hour shifts What we offer: Competitive Health Benefit Package All uniforms and PPE Career growth opportunities Job Responsibilities: Maintain a safe and secure environment for our clients...
-
Security Guard, Edmonton Vulnerable Sector
2 months ago
Edmonton, Alberta, Canada Backwoods Energy Services Full timeBackwoods Security is currently seeking experienced full-time Security Guards to work Edmonton Vulnerable SectorWage: $18.00 / HourShift: Hour shiftsWhat we offer:Competitive Health Benefit PackageAll uniforms and PPECareer growth opportunitiesJob Responsibilities:Maintain a safe and secure environment for our clients by patrolling and monitoring...
-
Security Guard, Edmonton Vulnerable Sector
4 weeks ago
Edmonton, Alberta, Canada Backwoods Energy Services Full timeBackwoods Security is currently seeking experienced full-time Security Guards to work Edmonton Vulnerable SectorWage: $18.00 / HourShift: Hour shiftsWhat we offer:Competitive Health Benefit PackageAll uniforms and PPECareer growth opportunitiesJob Responsibilities:Maintain a safe and secure environment for our clients by patrolling and monitoring...
-
Edmonton, Canada AIMCo (Alberta Investment Management Corporation) Full timeDEPARTMENT: Corporate Services - CLOSING DATE: - September 24, 2023 Opportunity Are you looking to complement your academic knowledge with professional ‘real world’ experience at a global multi-asset class institutional investment manager? Are you a purpose-driven individual who wants to contribute to your community? Do you enthusiastically follow...
-
Analyst
2 weeks ago
Edmonton, Canada Gold Investment Management Ltd. Full timeGold Investment Management Ltd. is a boutique portfolio management company located in downtown Edmonton. We are seeking a permanent, full time Analyst to join our team. Under the guidance and supervision of Senior Portfolio Managers:You will work closely with our clients to build long-term relationships and deliver the high-touch discretionary investment...
