Security Analyst(s)

Level of effort: Full-time
Type of engagement: Onsite Regina SK
Duration: 3 years
Sector: Public
Language: English

If you would like to submit your resume for this position, please send it to: info@thomasandschmidt.ca

Public client is seeking one or more Security Analyst(s) to support project delivery and daily operations within CSRMB. The resource will help bridge existing skill gaps, contributing to the successful execution of security initiatives and ongoing operational needs.

Mandatory requirements

  • Bachelor’s Degree in a related field (e.g. Computer Science, Information Technology, Cybersecurity) is considered an asset.
  • Candidate must demonstrate experience working in the IT sector within the cybersecurity or networking fields within the past 5 years.
  • Candidate must be able to work 100% onsite at a Government of Saskatchewan office in Regina.
  • Certifications in networking and/or cybersecurity such as CompTIA Network+/Security+, Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), GIAC Security Essentials (GSEC) are considered assets.

Optional requirements 

  • Experience working with the Public Client (Government of Saskatchewan) or similar organizations, with a strong understanding of their technical and business environment.
  • Have working experience with network security and protocols (TCP/IP, VPN, firewalls, IDS/IPS).
  • Have working experience with security tools and platforms (e.g. SIEM systems like Sentinel, antivirus, vulnerability scanners).
  • Have working experience with operating systems and platforms (Windows, Linux).
  • Have working experience with incident response and handling with an ability to detect, investigate, and mitigate security threats.
  • Have working experience with risk assessment and management techniques for evaluating risks and implementing effective security solutions.
  • Have awareness of compliance and regulations such as ISO 27001 and NIST security frameworks, privacy legislation, etc.
  • Working experience with penetration testing and ethical hacking is considered an asset.

General tasks

The Security Analyst(s) are envisioned to participate in all projects to which they are assigned and perform work including, though not necessarily limited to:

  • Handling the security queue in the ServiceNow application used to manage security incident tickets and complying with incident response plans and processes to address potential threats;
  • Analyzing the potential impact of new threats and communicating risks to relevant business units;
  • Creating and maintaining operational reporting artifacts (e.g. Risk Management Decision Item (RMDI), incident reporting, human resource (HR) investigations, lost/stolen reporting, etc.);
  • Compiling and analyzing data for management reporting and metrics;
  • Coordinating with CSRMB to create security awareness campaigns. Researching proactively regarding needs and trends to anticipate and identify potential security problems/incidents;
  • Responding to computer security incidents according to the security incident response policy and providing guidance to first responders for handling information security incidents;
  • Coordinating efforts among multiple business units during security incident response efforts;
  • Engaging stakeholders to fulfill their requests (e.g. decommission request, assets decommission executions, etc.). Coordinating with other peers in CSRMB to research needs and trends to anticipate security problems or incidents;
  • Assessing security incidents and taking prompt actions in terms of engaging required stakeholders and performing root cause analysis of the incident. Staying updated on information security-related attacks and trends;
  • Proactively coordinating with appropriate stakeholders across GOS during a security incident – management, security, operations, and others. Providing timely and relevant updates to appropriate stakeholders and decision-makers;
  • Analyzing cyber security incidents to solve issues and suggest improvements in incident response procedures. Creating detailed reports and documentation of all incidents and procedures to the CSRMB, executive government, and leadership of GOS on a routine basis;
  • Supporting the execution and monitoring of phishing simulation exercises, including user targeting, response tracking, and reporting; and
  • Responding to and resolving Privilege Access Management (PAM) related activities and service requests within defined Service Level Agreements (SLAs) using ServiceNow.