IT Security Analyst

Founded in 2002, theNuclear Waste Management Organization (NWMO)is a not-for-profit organization tasked with the safe, long-term management of Canada’s intermediate- and high-level radioactive waste, in a manner that protects people and the environment for generations to come.

TheNWMOhas been guided for more than 20 years by a dedicated team of world-class scientists, engineers and Indigenous Knowledge Holders who are developing innovative and collaborative solutions for nuclear waste management. In 2024, theNWMOselected Wabigoon Lake Ojibway Nation and the Township of Ignace as the hosts for the site for a deep geological repository for used nuclear fuel.

This decision means our office and staff will, in the future, be relocating to Ignace, Ont., and the deep geological repository will be situated in the area near Wabigoon Lake Ojibway Nation and the Township of Ignace. Infrastructure planning and development are underway to support this transition and ensure that both the community and our employees are well served and supported, now and in the future.

IT Security Analyst
Fulltime - One (1) Position Available

Job Summary:

Reporting to the IT Manager, the IT Security Analyst will specialize in cybersecurity. The incumbent will proactively assist in preventing breaches of all sizes, understand when they occur, and take immediate action to remediate them. The incumbent will review and analyze the environment and recommend solutions for any vulnerabilities. The incumbent will also be required to produce key metrics and health check reports.

• Protect all company data, particularly sensitive data, from both internal and externalthreats by designing broad defenses against would-be intruders.
• Lead day-to-day monitoring for unusual activities, implement defensive protocols andreport any incidents.
• Collaborate with other members of the cybersecurity team and vendors to develop new protocols, layers of protection, and other both proactive and defensive systems that stay one step ahead of cyber criminals.
• Maintain security guidelines, procedures, standards and controls documentation to support cybersecurity activities. Maintain quality service cybersecurity activities. Maintain quality service by following organization standards.
• Participate in the development of best practices, policies and process documents.
• Maintain a working knowledge of current cybercrime tactics. Maintain technical knowledge by attending educational workshops; reviewing by attending educational workshops, reviewing publications and staying abreast of cybersecurity developments.
• Safeguard information system assets by identifying and solving potential and actual security problems. Monitor and update security equipment problems. Monitor and update security equipment (including network monitoring tools).
• Protect system by defining access privileges, control structures and resources. Upgrade system by implementing and maintaining system by implementing and maintaining security controls.
• Recognize problems by identifying abnormalities, reporting violations. Determine security violations and inefficiencies by conducting periodic audits. Review security changes and provide recommendations as needed.
• Implement security improvements by assessing current situation; evaluating trends; anticipating requirements.
• Inform users by preparing performance reports, communicating system status.
• Contribute to team effort by accomplishing related results as needed.
• Manage and configure Cisco Meraki firewalls.
• Conduct day-to-day operational security activities (log review, health checks). Provide daily support on incidents, requests, and projects.
• Participate in information security incident response.
• Provide security recommendations as a Subject Matter Expert.
• Design, implement, coordinate and provide solutions to project activities relating to security.
• Prepare Threat Risk Assessments (TRA) for managing security risks by validating the needed safeguards.
• Level 2 support for analysis of security breaches to identify the root cause.
• Participate in the design and execution of vulnerability assessments, penetration tests
• (internal/external) and security audits.
• Prepare cyber security training on a regular basis for the entire organization.
• Perform other duties as required.

• 4-year University education (BSc/BA) in Computer Science, Information Systems, Cyber Security or equivalent education or work experience.
• A period of over 6 years and up to and including 8 years of relevant experience in IT, security management or cybersecurity experience or relevant experience at a mid- to large-size business.
• CISSP, CISM or equivalent certification. Experience in System Administration, Network Security, On-call network troubleshooting, Firewall Administration, Network Protocols, Routers, Hubs & Switches.
• Experience in installing and documenting security software.
• Knowledge of Cisco/Meraki network equipment and other Cisco security platforms.
• Experience with penetration testing, tools, and techniques. Understanding of patch management, firewalls, antivirus and IDPS concepts.
• Requires an advanced understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth and common security elements.
• Requires hands-on experience analyzing high volumes of logs, network data (e.g., Netflow, FPC), and other attack artifacts in support of incident investigations. Experience with vulnerability scanning solutions.
• Familiarity with the DOD Information Assurance Vulnerability Management program.
• Proficiency with any of the following: Anti-Virus, HIPS, ID/PS, Full Packet Capture, Host-Based Forensics, Network Forensics, and RSA Security.
• The incumbent must have strong knowledge in Azure Entra ID, M365 security including MS Defender.
• In-depth knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform (e.g., Nitro/McAfee Enterprise Security Manager, ArcSight, QRadar, LogLogic, Splunk, Microsoft Sentinel).
• Experience developing and deploying signatures (e.g., YARA, Snort, Suricata, HIPS). Understanding of mobile technology and OS (i.e., Android, iOS, Windows), VMware technology, and Unix and basic Unix commands. Manage Engine Event Log Analyzer or Splunk).
• Strong knowledge of IT, including hardware, software and networks.
• Strong attention to detail and ability to multi-task in a fast-paced environment.
• Requires strong critical thinking, problem-solving, logic and forensic skills.
• Ability to work successfully in both individual and team settings.
• Ability to think like a hacker to stay one step ahead.
• Requires process improvement skills and writing information security protocols while keeping others well informed.
• Requires excellent verbal and written communication skills to work with a wide variety of stakeholders.