Cyber Security Analyst - Special Project (September 2025 - March 2026)

Mohawk College

Hamilton

Hybrid

CAD 87,000 - 110,000

Full time

Job summary

A higher education institution seeks a Cyber Security Analyst to support its Cyber Security Framework. This role includes improving risk assessment methodologies, optimizing incident response, and managing security alerts. Candidates should possess a relevant Diploma/Degree and have at least five years of experience in similar roles. Strong analytical skills and the ability to work in high-pressure environments are essential. Hybrid work arrangements are available.

Benefits

22 paid vacation days
Opportunities for professional development
Defined Benefit pension plan contributions

Qualifications

  • Minimum of five years in cyber security roles.
  • Experience with IT technology across diverse environments.
  • Proven ability to handle high-pressure situations with confidence.

Responsibilities

  • Collaborate in developing and implementing the Cyber Security Strategy.
  • Maintain and monitor incident response and security event management.
  • Conduct technical assessments and audits for compliance.

Skills

Collaboration
Incident response
Risk assessment
Cyber security awareness
Analytical skills

Education

Diploma/Degree in Computer Sciences, Sciences, or Mathematics
Cyber Security Certifications (CISSP, CISM, etc.)

Tools

PowerShell
Vulnerability management platforms
Cyber security monitoring tools

Job description

Status: Special Project (September 2025 - March 2026)

Hours: Monday - Friday, 35 hours/week

Home Campus: Fennell (hybrid work arrangements available)

Rate of Pay: Payband 10 ($87,239 - $109,049 per year)

Posting Date: July 25th, 2025

Closing Date: August 1st, 2025 at 7:00 pm EST

We believe the rich diversity among our students and the communities we serve should be reflected within our workforce. As educators, we believe it is important to act and show leadership in advancing the principles of reconciliation, equity, diversity, and inclusion in our community.

Job Summary

The Cyber Security Analyst supports Mohawk College's Cyber Security Framework and will collaborate with technical professionals and business leaders across the college as well as the broader Mohawk College community to ensure that technology is procured, designed, built, operated, maintained and monitored with consistent practices that respect the confidentiality, integrity and availability of our systems and data.

This individual will facilitate and continuously improve technology risk assessment methodologies including Threat and Risk Assessments which help express the likelihood and impact of Cyber Security incidents. Where attacks against infrastructure and endpoints are successful, the Cyber Security Analyst will support incident response activities. They will also continuously test the security posture of systems and networks including the review of port maps and scans and ensuring configurations meet the concept of least privilege.

This individual will also be responsible for maintaining and monitoring infrastructure related to prevention, detection, and response technologies which includes antimalware, intrusion prevention and detection, and the collection of system event logs from data centre, network, endpoints, security, IoT, and cloud systems. The incumbent will be responsible for receiving, triaging, investigating, and remediating incidents and problems with Mohawk College's infrastructure working collaboratively across infrastructure, endpoint, database, and application development teams for resolution to incidents and closure with the security operations centre. This individual will also ensure that newly built systems and networks through formal change management are outputting the appropriate security telemetry and that they are effectively protected, monitored and tuned. They will also actively develop threat-hunting hypotheses and test for the presence of adversaries actively embedded in systems and networks using innovative approaches and deception technologies.

The Cyber Security Analyst will also work to address compliance with College policies, standards, procedures, and guidelines including but not limited to PCI DSS (Payment Card Industry Data Security Standards) and Mohawk College's Information Security Framework which are based on the National Institute of Standards and Technology's Cyber Security Framework with a control catalogue leveraging ISO 27002.

The College requires this role to contribute, build, and communicate security awareness materials including delivery of mandatory training at the time of hire and on an annual basis. These activities also include delivering presentations to the College community on security awareness on a regular basis.

What you'll be doing:

Strategy, Governance, and Oversight

  • With a detailed understanding of all layers of technology and a fundamental understanding of the defense-in-depth model and the cyber security kill chain, the incumbent will advise on and contribute to projects related to Mohawk College's Cyber Security Strategy and roadmap based on evidence-based findings.
  • Design, facilitate and continuously improve technology risk assessment methodologies including Threat and Risk Assessments, Cloud Risk Assessments and Project Risk Assessments which help express the likelihood and impact of Cyber Security incidents and contribute to Mohawk College's Enterprise Risk Management Framework.
  • Provide assessment and recommendations related to threat and risk mitigation of IT projects to ensure that new systems have adequate protection and are optimally configured to provide the appropriate security visibility.
  • Recommend, advise, and update Cyber Security Policies, Standards, Procedures and Guidelines as required to reduce risks as identified from lessons learned.
  • Proactively and collaboratively work with and instruct each IT Operational Area within the IT Department to maintain Cyber Security best practices and ensure compliance with Mohawk College's Cyber Security Policies.
  • Advise and guide on the appropriate use and configuration of cryptographic controls.
  • Assist departments across the College with understanding the sensitivity of data based on Information Security and Classification Policies.
  • Maintain the Cyber Security Service Portfolio for the IT Department including how Cyber Security Services should be requested and delivered in a repeatable practice with collaboration from each IT Area to ensure opportunities for improvement are implemented.
  • Contribute to business continuity and disaster recovery planning activities.
  • Proactively maintain currency with evolving industry trends in cyber security and understand and communicate how that may impact the IT Strategy and Cyber Security Strategy.
  • Develop and maintain Cyber Security metrics to express security coverage and visibility, policy compliance, security event and incident trends, vulnerability exposure, patch latency and e-mail security trends. Continually work to map these metrics to business problems or outcomes.

Audit and Compliance

  • Conduct technical assessments, gap analyses and audits of existing technology infrastructure to validate or identify missing controls.
  • Provide input into compliance management by monitoring whether key policy, regulatory or legal requirements are being met.
  • Create, deliver, and monitor a framework for accountability in remediation activities and track timelines for delivery of controls.
  • Work collaboratively within a team environment to execute Payment Card Industry Data Security Standards (PCI DSS) compliance activities.
  • Champion PCI DSS and provide support and guidance to the College community to ensure maintenance of compliance from year to year.
  • Guide work with outside consultants and contractors to conduct assessments of technology infrastructure.

Vulnerability and Threat Management with Penetration Testing

  • Design, build, maintain, grow, and monitor the College-wide vulnerability management program.
  • Track, update, and on-board assets into the vulnerability management program.
  • Ensure that assets are classified for the correct context with data classification and data volumes identifying the most critical assets within the infrastructure.
  • Ensure that vulnerabilities are mitigated in a prioritized approach using threat intelligence, criticality, and asset context.
  • Make complex decisions on how to mitigate specific vulnerabilities that cannot be patched.
  • Conduct tests and attempt penetration to ensure that vulnerabilities have been appropriately mitigated and come up with alternative attack methodologies to retest the mitigations.
  • Deploy ethical hackers (penetration testers) to validate the security of systems believed to be already fully secured and leverage their feedback to apply additional security controls to harden systems and infrastructure.
  • Build reports, dashboards, and track trends related to patching and configuration management activities.
  • Ensure consistent authentication of scanning infrastructure and regularly monitor and resolve issues to improve scan accuracy.
  • Maintain scripts in PowerShell that integrate with the API of the vulnerability management platform.
  • Monitor threat feeds to understand current industry threats against existing College infrastructure and understand how these threats affect delivery of future projects.
  • Participate in Higher Education distribution groups to understand industry specific threats and potential opportunities for collaboration.

Security Event Management and Monitoring

  • Work as the primary liaison with our security operations centre to ensure they are informed of changes within the Mohawk College environment and investigate, triage, and resolve security incidents and investigations within Mohawk College infrastructure collaboratively with Infrastructure, Network, Database, Applied Research and Application Development teams.
  • Monitor and triage endpoint and network security platforms and conduct investigations based on risk of reviewed events.
  • Build use cases and alerting within endpoint, data centre, and network security platforms to quickly alert to events that require investigation and those which directly invoke incident response. The incumbent will need to deeply analyse risk and consider all factors in the creation of dashboards and alarms and work collaboratively with the security operations centre.
  • Assist the security operations centre with maintaining and feeding the Security Information and Event Management infrastructure to monitor all systems and users at all campuses and assist with ingesting data from cloud applications and APIs.
  • Ensure that the Security Information and Event Management infrastructure has assets classified for appropriate context to express the appropriate level of risk and exposure and to prioritize alarms and notifications for the security operations centre.
  • Work with junior employees and co-op students, showing leadership and guidance to monitor infrastructure and provide valuable work experience.
  • Use feedback from incident response and threat hunting activities to further develop use cases, tuning, and data points required to arrive at defensible and clear conclusions.
  • Understand machine-generated event messages in detail and make sound judgement on whether events contribute to identifying who did what, where, and when, or whether they should be discarded from log management storage.

Incident Response

  • Invoke, lead, and instruct incident response activities derived from security monitoring operations event data and user reported incidents and information.
  • Collaborate across a functional team of IT subject matter experts for the immediate mitigation of the incident. Further instruct the team through the identification of root cause and advise on remediation activities to improve the security posture of the College.
  • Build and maintain incident response playbooks to model the activities that must take place when responding to Cyber Security incidents. Plan to leverage these playbooks to build and mature security orchestration and response across multiple technology layers.
  • Develop and acquire tooling for forensic capabilities to leverage during incident response activities.
  • Work with departments and provide instruction and feedback as to what caused the events and how to avoid the events in the future.
  • During security events, incidents and forensic investigations:

Identity Management Governance

  • Research, advise, and work collaboratively to build out the College's identity and access management tooling with collaboration between Human Resources and IT departments.
  • Make sound judgement calls and provide leadership and instruction in terminating accounts in an appropriate timeline while respecting relationships with our customers and community members in compliance with Cyber Security Policies.
  • Ensure that identity is consistently monitored throughout Cyber Security architecture.

Threat Hunting

  • Surmise that adversaries have compromised the College network and develop threat hunting hypotheses to test the existence of intruders in the College network.
  • Leverage open source tooling and deception technologies to bait and lure adversaries into exposing themselves on the network.
  • Use sound judgement to place deceptive technologies on the network in locations that create early alarms and indicators of compromise to identify and eradicate intruders.

Cyber Security Education and Awareness

  • Support the procurement, planning, preparation and delivery of all Cyber Security related education, awareness and training.
  • Track, monitor, and report compliance of Cyber Security Education and Awareness programs and provide reminders, suggestions, and recommendations to improve participation levels.
  • Proactively identify areas of need for Cyber Security Education and Awareness.
  • Design, prepare and deliver Cyber Security Education and Awareness sessions, presentations, videos, or other activities.
  • Design phishing simulation campaigns for use against College employees, present the campaigns to the Cyber Security department and further run those campaigns while capturing metrics.
  • Identify newly emerging threats that relate to end user computer environments and develop and deliver training material to mitigate risks.
  • Proactively maintain currency with industry best practices in Cyber Security Education and Awareness and make recommendations on new initiatives or changes to existing programs.

Vendor, Resource and People Management

  • Manage interactions and engagements with Cyber Security vendors.
  • Maintain relationships and currency with the evolving Cyber Security and vendor community to be able to recommend new and evolving tools and technologies that ensure best value for money.
  • Conduct risk assessments of vendors in a collaborative manner with requesting business owners.
  • Collaborate and work with all areas across the IT Division on projects and implementations to ensure they are built with the appropriate documentation, baselines and standards.

Other duties as assigned.

What you'll bring to the role:

  • A three year Diploma/Degree in Computer Sciences, Sciences, Mathematics or equivalent experience in Cyber Security.
  • Certification in Cyber Security such as a CISSP, CISM, CCSP, SSCP, CEH or other is preferred.
  • A minimum of five years of experience in similar roles where the individual interacted with security functionality and event data across an organization.
  • Proven collaborative and inclusive operating style.
  • Experience and proven ability to work in a fast-paced, dynamic environment with highly restricted information.
  • Demonstrated experience in high-risk situations where they have been required to have a high level of political acuity and business acumen to professionally deliver concise information at a time of high pressure.
  • Ability to absorb large amounts of information, analyzing and synthesizing key ideas and recommendations, and effectively presenting across a spectrum of business and technical audiences.
  • Exceptional people, interpersonal, political acuity and business acumen skills.
  • Experience with IT technology across endpoint, data centre, server systems, cloud, and network technologies is mandatory.
  • Knowledge and experience with technology and the Cyber risk environment in higher education.
  • Demonstrated commitment and understanding of human rights, equity, diversity, inclusion, and accessibility.
  • The ability to communicate and work effectively with diverse students, employees, and communities.

What we offer:

  • Effective September 1, 2025, employees will receive 22 paid vacation days.
  • Opportunity to gain experience and build relationships at a Hamilton/Niagara Top Employer.
  • Access to professional development opportunities.
  • Option to enroll in Defined Benefit pension plan (CAAT) with contributions matched by Mohawk College.
  • Discounted rate for full-service athletic facility and instructor-led classes.
  • Opportunities to engage in wellness events and activities.

To find out more about working at Mohawk College, please visit https://www.mohawkcollege.ca/about-mohawk/careers-at-mohawk

We are committed to reconciliation and nurturing an inclusive, diverse, equitable, and accessible (IDEA) environment for everyone who learns and works at Mohawk College. We welcome applications from racialized persons, women, Indigenous people, persons with disabilities, 2SLGBTQIA+ persons, and others who may contribute to the further diversification of ideas.

The College is committed to fostering inclusive and barrier-free recruitment and selection processes. If you require accommodation during any stage of the recruitment process, please contact Human Resources.

To learn more about Mohawk College's commitments, please visit the Mohawk College strategic plan webpage: https://www.strategicplan.mohawkcollege.ca/