Search jobs > Toronto, ON > Security analyst

Security Analyst

Toronto Parking Authority
Toronto, ON, CA
$69.1K-$75.9K a year (estimated)
Full-time
Quick Apply

POSITION SUMMARY The Security Information Analyst will assist the Toronto Parking Authority with the design, development and implementation of its security awareness plan and security initiatives to help ensure that the best possible measures are in place to maintain secure operations.

The role will be focused on executing threat risk and vulnerability analysis (TRVA). In addition, this role will oversee risk remediation activities, in order to enable both operational and project teams to safely and securely manage their departments.

This role will also be responsible to help monitor, evaluate and maintain systems and procedures to safeguard TPA information and systems while developing and implementing strategies, policies and procedures for the continued security of the organization.

RESPONSIBILITIES Threat Monitoring : Continuously monitor network traffic, security alerts, and system logs to identify potential security incidents and vulnerabilities, with a focus on cardholder data protection.

PCI-DSS Compliance : Ensure adherence to PCI-DSS requirements, including maintaining compliance with all relevant standards and controls for handling and protecting cardholder data.

Incident Response : Respond promptly to security breaches or attacks, including investigating and analyzing incidents involving cardholder data, and implementing corrective measures to address any PCI-DSS violations.

Risk Assessment : Conduct regular risk assessments and security audits with a focus on PCI-DSS compliance to identify potential threats and vulnerabilities and recommend mitigation strategies.

Security Measures : Develop, implement, and enforce security policies, procedures, and best practices to enhance overall security and ensure PCI-DSS compliance.

Vulnerability Management : Perform regular vulnerability scans and assessments, addressing identified weaknesses in systems and applications, and ensuring compliance with PCI-DSS requirements.

Compliance Monitoring : Monitor compliance with PCI-DSS controls and procedures, including data encryption, access control, and network security measures.

Documentation : Maintain detailed records of PCI-DSS compliance activities, security incidents, investigations, and responses, and prepare reports for management and regulatory bodies.

Security Awareness : Educate and train staff on PCI-DSS requirements, security best practices, and organizational policies to promote a culture of security awareness and compliance.

Collaboration : Work closely with IT, development, and management teams to integrate PCI-DSS requirements into system designs and operational procedures.

Tool Management : Utilize and manage security tools and technologies, including firewalls, intrusion detection systems, and encryption software, to safeguard the organization’s digital assets in compliance with PCI-DSS.

Engage with QSA : Collaborate with Qualified Security Assessors (QSAs) to ensure compliance with PCI-DSS standards, prepare for formal assessments, and address any identified gaps or recommendations.

QUALIFICATIONS : Bachelor's degree in computer science, Information Security, or a related field. Relevant certification (e.

g., CISSP, CEH, CompTIA Security+, PCI Professional) are considered an asset. Minimum 5 years of experience in an Information Security role.

Minimum 5 years of experience with administration of various security products such as Palo Alto, CrowdStrike, Cisco ASA and Checkpoint, Microsoft Defender, Microsoft Purview and Symantec endpoint protection, Qualys and Tenable network and web application scanner, CIS benchmarks.

Demonstrated knowledge of and / or familiarity with standards and frameworks such as PCI-DDS, ITIL, COBIT, ISO / IEC 31000 series, ISO / IEC 27000 series, SOC 2.

Demonstrated experience in undertaking security threat and risk assessment using an industry recognized framework equivalent to the Harmonized Threat and Risk Assessment methodology.

Proven experience with LogRhythm or Splunk solutions. Previous experience conducting IT audits considered an asset. Threat Risk Vulnerability Assessment (TRVA) training.

Knowledge of current network, operating systems, hardware, protocols, and standards. Excellent analytical skills Demonstrated ability in solving I.

T. issues, problems and possessing a sense of urgency. Demonstrated integrity in dealing with information and issues of a highly confidential and sensitive nature.

Diligent, detail-oriented, and possess a success-driven work ethic. Demonstrates Commitment to Environment, Health & Safety : Manages risks to protect the health and safety of employees and the public.

Able to perform forensic collections of data and to conduct detailed forensic analysis task including data recovery, production of forensic images and compilation of forensic examination reports.

Ability to collect and manage of evidence to ensure that the chain of custody is fully documented in accordance with local statutes and policies.

Experience In use of forensic and data mining tools to collect, search, recover, sort and organize large amounts of information in all phases of an investigation.

A proven team player & ability to interact and work with people with a variety of backgrounds and at different levels within the organization.

Internal candidates : No new or reclassified employee with less than one (1) year’s continuous on the job service may apply. Powered by JazzHR

28 days ago
Related jobs
PeopleToGo
Markham, Ontario

Reports to: Security Investigation/Analysis Support. Provide support for security staff. Participate in Security incident investigations. ...

Randstad Canada
Toronto, Ontario

My client is looking for an Information security analyst to work with IT team to implement corrective measures, maintain security documentation and assist in remdiation process. This role is an intermediate security operations role and it offers an opportunity to work with business and technical tea...

International Financial Group
Toronto, Ontario

Our client, a top 5 bank, is looking for a JR Security Analyst for a 6-month contract located in Toronto. This is an excellent opportunity for JR Security Analyst with a financial services background . As a JR Security Analyst your duties will include but note be limited to: . Qualifications require...

The Toronto-Dominion Bank (Canada)
Toronto, Ontario

The analyst will provide research, evaluation, assessment, operational, reporting and / or analytical support on Technology Controls / Information Security related programs and initiatives. Security+, CISSP, or other Cybersecurity certifications preferred. Cybercrime Customer Protection Analyst (Can...

Scotiabank
Toronto, Ontario

Cloud / Application Security / Crypto / Identity Access Management. Networking / Security Engineering / Deployment / Devops. ...

Stratejm
Mississauga, Ontario

Assess physical and technical security risks to data, software and hardware. Develop policies, procedures and contingency plans to minimize the effects of security breaches. ...

Scotiabank
Toronto, Ontario

You will contribute to the overall success of the Corporate Security Physical Threat Intelligence Unit and Legal & Corporate Affairs, ensuring specific individual goals, plans, initiatives are executed / delivered in support of the team’s business strategies and objectives. Contribute to the enh...

FCT
Oakville, Ontario

Assists experienced team members with Information Security activities, as assigned including security monitoring procedures. Document and perform processes related to security monitoring. Isolate issues using the suite of Security tools. Conduct initial investigations of escalated security and netwo...

Meritek recrutement TI
Toronto, Ontario

We’re seeking an experienced information security analyst focusing on cyber threat detection to deliver cyber security insights on a daily basis. As part of a team of specialists, the information security analyst will “slice and dice” data using various methods and create new visions for the future....

CBC/Radio-Canada
Toronto, Ontario

The Finance ERP Security Analyst is responsible for managing and overseeing the security, and control aspects of Finance ERP systems, ensuring the protection of sensitive data and compliance with relevant regulations. ERP Lead Security Analyst (Finance) (Hybrid). Monitor system logs and security ale...