Loading...
Share this Job

IT Security Analyst (Intermediate)

Posting Date: Jun 1, 2021

Location: Moncton, New Brunswick, CA, E1C 8L3 Dartmouth, Nova Scotia, CA, B3J 3C6 Etobicoke, ON, CA, M9C 5P1 Montréal, Quebec, CA, H3A 3A7

Company: Medavie Blue Cross

For over 75 years, Medavie Blue Cross has been a leading health and wellness partner for individuals, employers and governments across Canada. We are proud to be a not-for-profit organization dedicated to giving back to the communities where we live and work, and to ensuring our employees thrive in our award-winning, collaborative culture. We are one of Canada’s Most Admired Corporate Cultures and are recognized as a Caring Company, a designation for national leaders in community investment and social responsibility.

 

Our team of 2,100 professionals work across six provinces. We excel by living our shared values of being caring, accountable, responsible, innovative and community-minded. We’re committed to ensuring the health and wellness of our employees and their families, along with personal and professional growth, through a variety of programs and support at all levels of our organization.

 

Along with Medavie Health Services, we are part of Medavie — a national health organization with over 6,400 employees. Together, our mission is to improve the wellbeing of Canadians. 

 

Job Title: IT Security Analyst (Intermediate)
Department: Security Services
Competition: 12981
Internal/External: Internal/ External 
Employment Type: Full time, permanent 
Location: New Brunswick, Nova Scotia, Quebec or Ontario (remote work options available)
Salary: Competitive Compensation
Reports To: Manager
Closing Date: June 13, 2021
Referral Bonus Eligible Amount: $1000.00

 

 

Position Summary

The Intermediate IT Security Analyst will manage and monitor a number of security systems, analyze and assess security events, report threats and incidents to technical staff and management and ensure that issues are addressed in a timely manner, and provide ongoing security reporting to management.

 

Key Responsibilities

  • Perform intermediate level management and monitoring of the Security Information Event Management (SIEM) system.  Interface with the security contacts of the various technical teams to report security alerts and threats.  Generate monthly reports for management.
  • Perform intermediate level management and monitoring of the Vulnerability Management system.  Interface with the security contacts of the various technical teams to report vulnerabilities.  Generate monthly vulnerability reports for management.
  • Perform quality control administrative tasks as part of the Access Control Process to help ensure access is managed with precision and efficiency.
  • Monitor compliance, alerts, and events related to various forms of cyber-attacks and threats.  Interface with the security contacts of the various technical teams to report detected issues.  Interface with management to report alerts.  Generate monthly reports for management.
  • Perform intermediate level management and monitoring of the Data Loss Prevention (DLP) systems to control access to ports and media, control the movement of sensitive information, and maintain and manage DLP rules.
  • Monitor industry security alerts and track the progress related to risk mitigation.
  • Generate ongoing Security Metrics and statistics.

 

Required Qualifications

  • Experience in securing file shares and/or databases.
  • Formal training related to information security or a security certification such as CompTIA Security+, CISSP, CISA, or a SANS certification would be an asset.
  • Experience in administering or implementing access controls to secured systems.
  • Fundamental knowledge of security threats and security vulnerabilities and resolving security incidents.
  • Fundamental knowledge of security systems such as Anti-Virus, Vulnerability Scanners, Data Loss Prevention (DLP), Firewalls, or Intrusion Detection/Prevention would be an asset.
  • Fundamental knowledge of Security Information and Event Management (SIEM) system would be an asset.

 

Education: Relevant University degree or College diploma

 

Work Experience: A minimum of 10 years’ experience in the IT industry with minimum 3 years dedicated to security

 

Other Qualifications:

  • Intermediate level of knowledge of security related to information systems such as cyber-threats, telecommunication circuits, network devices, server devices, firewalls, and/or applications.
  • Intermediate level experience in securing file shares and/or databases.
  • Intermediate level experience in administering or implementing access controls to secured systems.
  • Intermediate level knowledge of security threats and security vulnerabilities and resolving security incidents.
  • Intermediate level knowledge of security systems such as Anti-Virus, Vulnerability Scanners, Data Loss Prevention (DLP), Firewalls, or Intrusion Detection/Prevention would be an asset.
  • Intermediate level knowledge of Security Information and Event Management (SIEM) system would be an asset.


Skills:

 

Access Controls

  • Ability to administer user access rights and privileges
  • Ability to perform quality control checks upon the user access rights administration process and provide guidance to the security administrators
  • Security Breaches and Rapid Detection
  • Ability to detect and investigate complex security breaches and attacks in accordance with established procedures
  • Ability to perform some packet and traffic pattern analysis and perform analysis of network and host based attacks
  • Ability to build and execute intermediate level hunting and detection routines to detect the presence of malicious code and malicious and potentially damaging activity
  • Ability to capture and decipher digital forensics related to a breach and generate solid, accurate, and reliable evidence and reports for management
  • Ability to apply basic forensics techniques and procedures
  • Ability to manage security breach incident responses for moderately complex incidents
  • Ability to perform intermediate level administration, management, and maintenance of enterprise level detection control systems such as anti-virus, anti-SPAM, IDS/IPS, and Threat Intelligence services.

 

Vulnerability Management

  • Ability to perform intermediate level vulnerability management tasks, configure and run scans, and generate reports
  • Ability to independently manage vulnerability management systems and recommend and implement improvements to these systems
  • Ability to perform monitoring of industry security alerts, make recommendations to management on how to mitigate risks, and track the progress related to risk mitigation
  • Security Information Event Management (SIEM)
  • Ability to independently manage and support a Security Information Event Management (SIEM) system
  • Ability to build complex correlation rules, reports, and alerts in order to better detect unwanted activity and events

 

Data Loss Prevention (DLP)

  • Ability to independently manage and support a Data Loss Prevention (DLP) management system

 

Reporting

  • Ability to generate security metrics and reports with accuracy


Language Skills: English; Bilingualism considered an asset

 

 

We would like to thank all candidates for expressing interest.  Please note only those selected for interviews will be contacted.

Medavie Blue Cross is an equal opportunity employer.


Job Segment: Telecom, Telecommunications, Corporate Security, Information Systems, Technology, Security