Security Analyst

Regina, Saskatchewan - 100% On-Site at GOS Office

Contract Duration: 2 Years + 1-Year Extension Option

Start Date: October 1, 2025 (or ASAP)

To secure one (1) or more experienced Security Analyst(s) to support the Cybersecurity and Risk Management Branch (CSRMB) in bridging skill gaps, delivering projects, and meeting daily operational needs.

Network & Systems Security: Implement, monitor, and maintain security protocols, firewalls, VPNs, IDS/IPS.

Security Tools & Platforms: Manage SIEM systems (e.g., Microsoft Sentinel), antivirus, and vulnerability scanning tools.

Incident Response: Detect, investigate, and mitigate security incidents.

Risk Assessment: Evaluate and manage IT security risks, recommend and implement solutions.

Compliance: Ensure adherence to ISO 27001, NIST frameworks, and privacy legislation.

Scripting & Automation: Utilize Python, PowerShell, Bash for automation of security tasks.

Penetration Testing (Asset): Conduct ethical hacking and security testing…

The Security Analyst(s) are envisioned to participate in all projects to which they are assigned and perform work including, though not necessarily limited to:

• Handling the security queue in the ServiceNow application used to manage security incident tickets and comply with incident response plans and processes to address potential threats;
• Analyzing the potential impact of new threats and communicate risks to relevant business units;
• Creating and maintaining operational reporting artifacts (e.g. Risk Management Decision Item (RMDI), incident reporting, human resource (HR) investigations, lost/stolen reporting, etc.);
• Compiling and analyzing data for management reporting and metrics;
• Coordinating with CSRMB to create security awareness campaigns. Research proactively regarding needs and trends to anticipate and identify potential security problems/incidents;
• Responding to computer security incidents according to the security incident response policy and providing guidance to first responders for handling information security incidents;
• Coordinating efforts among multiple business units during security incident response efforts;
• Engaging stakeholders to fulfill their requests (e.g. decommission request, assets decommission executions, etc.). Coordinate with other peers in CSRMB to research needs and trends to anticipate security problems or incidents;
• Assessing security incidents and taking prompt actions in terms of engaging required stakeholders and performing root cause analysis of the incident. Stay updated on information security-related attacks and trends;
• Proactively coordinating with appropriate stakeholders across GOS during a security incident - management, security, operations, and others. Provides timely and relevant updates to appropriate stakeholders and decision-makers;
• Analyzing cyber security incidents to solve issues and suggest improvement in incident response procedures. Creates detailed reports and documentation of all incidents and procedures to CSRMB, executive government, and leadership of GOS on a routine basis;
• Supporting the execution and monitoring of phishing simulation exercises, including user targeting, response tracking, and reporting; and
• Responding to and resolving Privilege Access Management (PAM) related activities and service requests within defined Service Level Agreements (SLAs) using ServiceNow.