Analyst, IT Security

Reporting to the Senior Manager, IT Security, the Analyst, IT Security is responsible for protecting Northwestel's IT assets from security breaches which could lead to data loss or service interruptions. This is accomplished by performing device management, configuration changes, monitoring and troubleshooting for security devices such as firewalls, SEIM system (Security Event and Incident Management), VPN devices, host intrusion prevention appliances, anti-virus, anti-spam appliances, and data loss prevention infrastructure.

The Analyst, IT Security must understand the diverse security infrastructure that supports Northwestel's business and be able to differentiate and respond to the unique operational and security requirements. The incumbent must have a comprehensive knowledge of both technical and operational network security best practices and significant experience in a wide variety of technology platforms and security services that Northwestel supports. The Analyst, IT Security must identify and compare technological capabilities that are required to support a particular security service, and identify technological gaps where more development is needed.

Employment Equity

Northwestel values diversity in the workplace and is committed to the goals of Employment Equity. We strive to achieve a skilled workforce that is representative of the population we serve, and as a Northern company, we are committed to the employment and career development of our Indigenous peoples. Please clearly indicate on your application if you are an Indigenous person, a woman, a person with a disability, or a visible minority if you wish to receive hiring preference.

Specific Accountabilities

1. Monitors, reviews, and interprets security alerts and notifications and provides initial response, analysis, and incident management.

2. Assesses and establishes mitigation steps to ensure appropriate incident treatment and informs the Architect, IT Security, Corporate Security, and Northwestel management as appropriate.

3. Manages a variety of security devices such as VPN, firewall, SEIM system, host intrusion prevention systems, identity and access programs, data loss prevention systems, anti-virus, and anti-spam systems.

4. Configures and maintains security devices and appliances as well as provides general knowledge and recommendations for security best practices to Northwestel, as required.

5. Adheres to strict security and associated authentication protocols when dealing with all levels of security requests.

6. Creates updates and maintains documentation related to security assets, controls, incidents and breaches.

7. Compiles, analyzes and makes decisions based on metrics from security devices.

8. Reports security metrics to Architect, IT Security for presentation to Northwestel management and or Corporate Security when required.

9. Available for call outs after normal business hours in the event of a security incident.

Knowledge and Skills Required

• This position requires the following qualifications and competencies:

• Degree or diploma in Computer Science, Technology or Information Assurance.

• Professional certifications: GIAC, CISSP, CISM.

• Minimum of five (5) years of information systems experience, a combination of relevant experience and Information Security certifications may be considered.

• Strong working knowledge of security operational policies, procedures and the ability to interpret SIEM alerts and supporting technologies.

• Working knowledge of risk assessment methods as it relates to vulnerability management.

• Understanding of mitigation safeguards and responses at the systems, network, and application level (VPN, Firewalls, Intrusion Detection, system hardening, single sign-on, encryption technologies).

• Demonstrated experience troubleshooting security solutions including authentication, authorization, encryption, and audit capabilities as part of an overall system design.

• Proven communication, presentation, documentation and interpersonal skills.

• Knowledge of PCI, NIST, CIS, SANS, ISO 27001 or other security frameworks are considered assets.

• As part of the recruitment process for this position, candidates may be required to take pre-employment tests and/or complete work simulation exercise to assess job fit.

What We Offer You

• Health & Wellness Benefits, Pension Plan, Discounts

• Team Incentive Bonus

• Paid Vacation with a Vacation Travel Allowance

• Work-Life Balance

• Community Involvement

Closing

Applications will be reviewed as they are submitted. Posting will remain active until the position is filled.

As a safety conscious COR™ Certified organization, we have an established and comprehensive safety program. We expect all employees to participate in our organizational health and safety programs, adhering to all safe work procedures focused on continuous improvement.