Cyber Security Analyst – Cyber Defence

Job Title:Cyber Security Analyst – Cyber Defence
Job ID: 81261
Location:Toronto, Ontario

Overview:

The Cyber Security Analyst is responsible for managing and responding to cyber incidents while ensuring the continuous operation and effectiveness of security technologies. This role involves upholding established cybersecurity standards and providing technical expertise and strategic guidance to all divisions, agencies, and corporations of the City.By leading incident response efforts and managing security tools and technologies, the Cyber Security Analyst plays a crucial role in protecting the City’s critical infrastructure and maintaining a secure digital environment for all stakeholders.

What you will be doing:

• Monitors cyber security tools including SIEM, EDR and NDR platforms.

• Investigates and responds to cyber incidents.

• Responds to cyber incidents escalated by stakeholders. Provides response recommendations and performs response actions.

• Performs cyber threat hunting by identifying attack patterns in event activities.

• Collaborates on large, complex projects with the section’s Specialists and/or Senior Specialists, providing hands-on expertise in the operation, configuration and development of security technologies such as EDR, SIEM, NDR, Email Security and SOAR.Monitors, identifies, analyzes, and tests security events to ensure cybersecurity issues are promptly reported and addressed, contributing to the tracking and improvement of security strategies within industry-recognized frameworks.Prepares preliminary background information on cyber security requirements for business strategies to provide appropriate advice, guidance and technical solutions with the assistance of the section’s Specialists and/or Senior Specialists.

• Handles sensitive information affecting the organization and its resources. Prepares management reports to support suggestions for changes/improvements in business processes, training, and service standards that affect optimal workforce numbers and resource allocation.

What you must have:

• Post-Secondary education and experience in a discipline pertinent to the job function: Cyber Security; Computer Science; Information Security.

• Experience/familiarity with threat detection and response tools such as SIEM, EDR, NDR, IDS/IPS, as well as experience/familiarity with cyber incident response procedures.

• Experience/familiarity with SOAR and Email Security solutions.

• Excellent knowledge of MS Office (Word, Excel, Outlook, Power Point); working knowledge of program/project management software.

• Data visualization tools to prepare flow charts, models, and other documentation used in leadership decision-making (e.g.Visio).

• Strong broad-based understanding of IT networks, firewalls, proxies, VPNs and M365

• Strong communication skills to interact with all project stakeholders.

• Ability to work in transformative programs.

• Ability to work in a fast-paced environment managing multiple priorities with proven time management skills.

• Ability to communicate cyber risks and their implications clearly regardless of their complexity, relishes challenges, and projects a collaborative persona.

• Skilled at conveying cyber risks to stakeholders at all levels and translating technical details into language that senior executives can readily grasp.

• Ability to work in transformative programs

• Ability to lead efficient communication between all project stakeholders, including internal teams and clients

• Ability to achieve business objectives through influencing and effectively working with key stakeholders.

• Excellent written & verbal communication skills (comfortable & confident communicating at all levels including business partners, leadership and vendors).

• Excellent problem-solving skills with capability to identify solutions to unusual and complex problems.

• Keen attention to detail and strong organizational skills.

• Highly organized, proactive, self-motivated team player who takes initiative and is able to work independently.

• Ability to work in a fast-paced environment managing multiple priorities with proven time management skills.

• Strong analytical skills and ability to prioritise and multitask.

• Ability to prioritize and effectively manage competing priorities and projects.

• Ability to manage multiple initiatives while adhering to strict deadlines.

• Tenacious and willing to support the team during peak volumes and workloads with various activities.

• Able to work extremely well under pressure while maintaining a high level of professionalism

• Self-motivated team player who takes initiative and can work independently.

• Transferable skills, like communication and decision-making, are equally important.

• Being able to think on your feet and show good judgment are especially valuable in this field. “Security pros should always be ready to react to cyber-related incidents quickly.

Other Information:

• A normal work week is 35 hours; however, unforeseen situation may require extended hours of work with little or no prior notice. In case of a cyber incident or breach, rotation shift, continuous extended hours may be required with little or no prior notice.

• Subject to a police check, background check, psychological assessment and/or any other checks on a regular basis as the Office of the CISO handles highly sensitive and confidential information.

• Equity, Diversity, and Inclusion:The City is an equal opportunity employer, dedicated to creating a workplace culture of inclusiveness that reflects the diverse residents that we serve. Learn more about the City’s commitment to employment equity.

• Accommodation:The City of Toronto is committed to creating an accessible and inclusive organization. We are committed to providing barrier-free and accessible employment practices in compliance with the Accessibility for Ontarians with Disabilities Act (AODA). Should you require Code-protected accommodation through any stage of the recruitment process, please make them known when contacted and we will work with you to meet your needs. Disability-related accommodation during the application process is available upon request. Learn more about the City’s Hiring Policies and Accommodation Process.

For more information about TEEMA and to consider other career opportunities, please visit our website atwww.teemagroup.com