Security Analyst - Jobs in Saskatoon, SK

Job Description

Saskatchewan Blue Cross®, one of Saskatchewan’s Top Employers, is currently recruiting for a full-time permanent Security Analyst in the Information Systems & Technology (IS&T) Department located in our Saskatoon office.JOB FUNCTIONReporting to the Manager, Cybersecurity, the Security Analyst is accountable to perform the day-to-day operation and execution of security solutions and identify and remediate security vulnerabilities detected by scanning tools or by threat intelligence research. Additional areas of accountability include involvement in the implementation of new security solutions, participation in the creation and/or maintenance of policies, standards, baselines, guidelines, and procedures as well as conducting vulnerability and risk assessments. The successful incumbent will be expected to be fully aware of and actively working towards the achievement of Saskatchewan Blue Cross’ security goals as established by its stated policies, procedures, and guidelines.DUTIES & RESPONSIBILITIES

• Respond promptly to zero-day vulnerabilities to implement recommended remedial controls from the impacted vendors and threat intelligence publications
• Perform key security responsibilities including server and network appliance hardening including patching and configuration changes to ensure the mitigation of emerging threats
• Participate in the design and execution of vulnerability assessments, penetration tests, and security audits
• Maintain baselines for the secure configuration and operation of all security tools, workstations, servers, cloud solutions, mobile devices, and network devices
• Participate in investigations into problematic activity
• Monitor all in-place security solutions for efficient and appropriate operations
• Review logs and reports of all in-place devices, interpreting the implications of identified activity and devising plans for appropriate action
• Provide after-hours support for urgent requests from end users regarding all in-place security solutions and practices as required
• Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes, and the development of new attacks and threat vectors
• Recommend additional security solutions or enhancements to existing security solutions to improve overall enterprise security
• Perform the deployment, integration, and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with best security practices and in alignment with corporate policies
• Participate in the planning and design of enterprise security architecture, an enterprise business continuity plan, a disaster recovery plan, and the creation of enterprise security documents (policies, standards, baselines, guidelines, and procedures), under the direction of the Manager, Cybersecurity where appropriate
• Perform other related projects and duties as assigned

QUALIFICATIONS & SKILLS

• Post-Secondary Diploma or Bachelor’s Degree in Computer Science or a related field with minimum of 5 years’ of directly related work experience. An equivalent combination of training and experience will be considered
• Completion of one or more of the following certifications or equivalent: CompTIA Security+, GIAC Information Security Fundamentals, Microsoft Certified Systems Administrator: Security or Associate of (ISC)2 would be considered an asset
• Knowledge of:
  • Security standards and frameworks including NIST CSF, ISO 27001 and CIS Controls
  • Antivirus and endpoint detection and response solutions
  • Microsoft 365 Advanced Threat Protection and Secure Score would be an asset
  • Developing Incident Response Plans, Business Continuity Plans and Disaster Recovery Plans would be considered an asset
  • Securing mobile and web applications
  • Delivering employee security awareness training would be an asset
• Experience in:
  • The application of security controls to core IT infrastructure and cloud resources
  • Fortinet and Cisco network infrastructure devices (firewall, routers, switches, load balancers)
  • Virtualization technologies (VMWare and Hyper-V)
  • TCP/IP, PKI (certificates, encryption and hashing algorithms) and other network administration and security protocols
  • Advanced configuration of network and security appliances and tools (firewall, IPS, Windows servers, email filters, endpoint security tools)
  • Securing and hardening operating systems, application servers, and infrastructure devices
  • Applying security standards and controls on-premise and in the cloud (IaaS, SaaS, PaaS)
  • Performing vulnerability scans, penetration tests and other security reviews of tools and projects
  • Performing security incident investigations, documentation and reporting findings
• Proven analytical and problem-solving abilities
• Good written, oral, and interpersonal communication skills
• Ability to present ideas in business-friendly and user-friendly language
• Highly self-motivated and directed
• Team-oriented and skilled in working within a collaborative environment
• Ability to travel when required to meet operational needs and to occasionally work outside of core operating hours
• The successful candidate will be required to undergo a background check
• Must be legally entitled to work in Canada on an unrestricted basis

Quick Apply

• Terms & Conditions
• New Privacy
• Privacy Center
• Accessibility

For Job Seekers

• Browse Jobs
• Advanced Job Search
• Emplois Quebec

For Employers

• Post a Job

Stay Connected