Security Analyst @ Beovexis Insurance Company of Canada

Beovexis is currently searching for a Security Analyst on a permanent/full-time basis for a client in Ottawa.

This role is hybrid and will require someone to go into the office once per week.

The Security Analyst Incident Response's overall role is to operate information security controls, assist IT teams and business users in maintaining compliance with the client's information security standards and policies, and reducing operational risks.

Specific responsibilities include operating security tools and controls, leading or supporting information security incidents resolution, and providing support on information security-related matters to IT and business users. This is an on-call rotating position.

The incumbent will have experience with Information Technology and a solid level of knowledge of Information Security principles. The incumbent will also have experience in one or more of these areas: triaging IT security risks such as phishing or data loss; conducting threat analysis of existing or emerging cyber risk; and/or performing threat hunting to identify existing IT security risks related to systems, applications, and data.

• Operate information security controls in an effective manner to reduce operational risks.
• Address daily requests from IT and business users on security-related matters and take leadership to resolve.
• Take ownership of incidents where applicable and provide summaries and reports to management.
• Ensure adequate and timely resolutions to all audit/review issues assigned to the team.
• Provide the required support to management on matters related to information security.
• React to daily information security incidents and be available on call as required and on a rotational basis.
• Conduct investigations and provide recommendations based on incident outcomes.
• Support implementation of Incident Response-related controls on a continuous basis.
• Adapt to a fast-paced environment.

• At least 4 years of experience working in enterprise IT environments and/or incident response, preferably in a large financial institution.
• Demonstrated ability to establish effective working relationships and collaborative work approaches with both internal and external peers.
• Active pursuit or attainment of a recognized information security certification, such as CISSP, OSCP, CIH, CHFI, etc.
• Strong technical skills, knowledge of network protocols and network communication principles, understanding of vulnerabilities and remediation techniques.
• Experience reviewing, analyzing, discussing, explaining, and reporting cyber threats and results.
• Strong interpersonal skills, with the ability to respond to multiple incidents simultaneously and in a prioritized manner.
• Excellent communication skills including preparing briefings, presentations, and oral status reports.
• Triaging security alerts and phishing emails to determine potential risk and assess priority.
• Conduct research and engage internal & external stakeholders to determine potential threat and impact from an existing or emerging threat.

• University Degree in Computer Science or Computer Engineering.
• Insurance industry-specific background would be an asset.
• A background in information security operations and threat and vulnerability management.