Technology Security Analyst

Reporting to the Digital Senior Security Advisor, the Technology Security Analyst is responsible for the implementation and operation of security controls as defined in five of the six pillars the NIST CSF and relevant industry specific security frameworks (PCI-DSS etc.).

Duties & Responsibilities

• On going review and investigation of escalated security alerts from Halton’s MSSP (managed security service provider)
• Monitors and where required remediates issues or implements controls to mitigate risks due to malware, phishing (and its variants), account hijacking and other attacks.
• Ensures compliance of the Region’s information systems, internally developed applications (including third party libraries) and operational procedures current security policies, standards, and procedures through regular audit and reviews.
• Administer (including patching) OR review & assess security infrastructure such as XDR / EDR / NDR solutions, network security solutions (firewalls, IPS, WAF) and GPOs, MDM policies or other configuration policy controls and their on-going activities.
• Monitors and advises on the required adjustments of security controls for on premise, cloud, messaging (e-mail etc.) and other applications based upon internal and external threat conditions.
• Conducts regular risk assessment and vulnerability analysis of critical IT systems, network segmentation controls and core business applications (ideally including internally developed applications) and on-premises IT and cloud infrastructure, including IoT (Internet of Things) devices.
• Performs other operational security duties as assigned.
• Develop and provide clear and concise documentation for each project assigned.
• Execute / implement project related deliverables such as those defined in a project manager’s work break down structure.

Skills & Qualifications

Essential

• Diploma in Computer Science from a recognized Community College and / or University.
• Two (2) or more years IT security experience
• Understanding and experience in Zero Trust Security architecture and its practices
• Strong knowledge of network, operating system, cloud, and directory services and especially IAM (identity access management) and PAM / PIM (privilege access / identity management).
• Experience and knowledge of common security solutions such as Windows Defender or similar third-party solutions.
• Experience and knowledge with Microsoft based cloud and on-premises directories, OS (Operating System), Applications and Services.
• Excellent verbal, listening & writing skills.
• Strong interpersonal skills and the ability to work in a team environment
• Security generalist comfortable working in other domains of security
• Ability to work day-to-day on operational security duties while also contributing to assigned projects

Preferred

Achieved and maintains at least one of the following certifications : security certification (SSCP, CCSP, OSCP etc.) OR audit certification (CISA etc.

OR cloud (CCSK, AZ-900 etc.) OR any certification from a recognized organization or vendor (ISC 2, ISACA, OffSec, CSA, CompTIA, EC-Council, Microsoft, Cisco, etc.)

• Experience with network-based security solutions (firewalls, WAFs, IPS / IDS etc.), host and network-based diagnostics (Netflow, Sysmon, etc.)
• Experience and knowledge of application (primarily web) security and projects (OWASP)
• Familiarity with OT (SCADA / PCS) technology and its security
• Familiarity with forensics and e-Discovery tools and methodologies

Working / Employment Conditions

• Current (obtained within the past six (6) months), original and acceptable Criminal Records Check by the first day of employment.
30+ days ago