Security Analyst

This organization is a financially self-sustaining public agency that operates within the municipal sector.

They are a major player in the city’s transportation infrastructure, managing a large-scale network that contributes significant revenue to the city's general reserves.

Recognized as a leader in their specific technology services sector, they are integral to supporting the vibrancy and growth of local businesses and residents.

Collaborative Culture: The organization strives to be a collaborative, open, transparent, and friendly place to work, built on mutual respect.

Professional Growth: You will experience professional and organizational growth within a motivated team environment.

Commitment to Diversity: They are deeply committed to equity, diversity, and inclusion, welcoming applications from all groups with historical barriers to equity.+1

Impact: You will join a team that prides itself on the calibre of its people and rewards passion for making a significant contribution to the business.

Role Focus: As a Security Analyst (1-Year Contract), you will execute Threat Risk and Vulnerability Analysis (TRVA) and oversee risk remediation activities.

PCI-DSS Compliance: A major part of the role involves ensuring adherence to PCI-DSS requirements, managing compliance controls, and protecting cardholder data.

Incident Management: You will continuously monitor network traffic and system logs for potential security incidents and respond promptly to breaches or attacks.+1

Vulnerability Management: The role requires performing regular vulnerability scans and assessments to address system weaknesses.

Collaboration: You will work closely with IT and development teams to integrate security requirements into system designs and collaborate with Qualified Security Assessors (QSAs).+1

Security Awareness: You will design and implement security awareness plans to educate staff on best practices and organizational policies.+1

Education: Bachelor's degree in Computer Science, Information Security, or a related field.

Experience: Minimum 5 years of experience in an Information Security role.

Technical Stack: 5+ years of experience administering security products such as Palo Alto, CrowdStrike, Cisco ASA, Checkpoint, Microsoft Defender, and Qualys/Tenable scanners.

SIEM Experience: Proven experience with LogRhythm or Splunk solutions.

Framework Knowledge: Demonstrated knowledge of standards such as PCI-DSS, ITIL, COBIT, ISO/IEC 27000, and SOC 2.

Forensic Skills: Ability to perform forensic data collections, recovery, and analysis, ensuring proper chain of custody.+1

Certifications: Relevant certifications (CISSP, CEH, CompTIA Security+, PCI Professional) are considered an asset.