Security Analyst Senior

Explore exciting open positions in the IT and Telecom Networking Industry today.

Job Description

• Support the IT application penetration testing program;
• Ability to configure, implement, and maintain security testing tools as well as the configuration of data sources for metric reporting/tracking;
• Working knowledge of Risk and Compliance (GRC) tools as well as collaboration tools such as JIRA and Confluence;
• Perform security testing of applications, networks and infrastructures, including vulnerability assessments and manual testing techniques, penetration testing;
• Identify new and emerging cyber risks and prepare recommendations for appropriate countermeasures, including, but not limited to, new technology investments, new standards, changes in policy or reconfiguration of existing systems or business processes;
• Collaborate with various Bell’s internal stakeholders as well as external partners;
• Produce security assessment reports and distribute to IT Support teams (for remediation);
• Ability to document and educate stakeholders on the findings;
• Ability to research, recommend, and implement changes to procedures and systems to enhance application and systems security;
• Provide feedback on operational and procedural documentation as required;
• Ability to serve as subject matter expert on IT security tools, policies, and controls;
• Take an active role in security-related audits and inquiries;
• Ability to keep up to date on the latest security regulations, advisories, alerts and vulnerabilities;
• Supporting member as required to the Bell IT Security team.

Critical Qualifications/Competencies:

• Minimum of 5 years professional work experience in information security;
• Experience with security testing tools and methodologies in conducting vulnerability and application security assessments;
• Working knowledge with Python or other scripting knowledge;
• Ability to analyze IT solutions and technology infrastructure to identify and assess security vulnerabilities, threats, and risks;
• A track record of results and effectiveness in applications technical support, troubleshooting and analysis, problem resolution, and service availability and reliability improvement roles;
• Think analytically and synthesize technical information from various sources;
• High level of personal integrity, and the ability to professionally handle confidential matters and demonstrate a high level of judgment and maturity;
• Excellent skills of verbal and written communications, relationship building, and influencing others.

Preferred Qualifications/Competencies:

• A security based professional qualification desirable (e.g. CISSP, CISM, CISA, OPST, CEH, OSCP);
• Bachelor’s degree in technology-related field or the equivalent work experience;
• Strong knowledge operating system internals and operations;
• Knowledge of offensive and defensive security operational tactics;
• Understanding of industrial framework such as NIST, MITRE ATT&CK, OWASP, PCI-DSS, ITIL and/or other compliance frameworks;
• Bilingual in French and English would be an asset.