Senior Information Security Analyst

The Information Security Analyst is responsible for the identification investigation and resolution of security events; as well as for conducting vulnerability audits and taking timely action to remediate findings. They are involved in the design configuration and implementation of security solutions. They are also accountable for the creation and maintenance of standards baselines guidelines and procedures. The Information Security Analyst is expected to be fully aware of the enterprises security goals as established by its stated policies procedures and guidelines and to actively work towards upholding and further developing those goals to improve CFs Information Security maturity level.

What you will deliver :

• Work with Managed Security Services Providers (MSSPs) to manage the security configuration and operation of managed security technologies; respond in a timely manner to escalated security incidents and work with external and / or internal stakeholders to provide timely resolution.
• Review (and / or oversee the monitoring of) logs and reports of existing systems; interpret the implications of identified activity and devise plans for appropriate resolution.
• Participate in the design and execution of vulnerability assessments penetration tests security audits and remediation of identified vulnerabilities.
• Participate in the planning and design of enterprise security architecture; maintain and improve configurations of security solutions for efficient and appropriate operations.
• Participate in the creation of enterprise Information Security documents (policies standards baselines guidelines and procedures).
• Compile metrics related to the Information Security program analyze threat trending and develop a mitigation strategy to minimize identified risks.
• Participate in the planning and design of an enterprise Business Continuity Plan and Disaster Recovery Plan
• Recommend new security solutions or enhancements to existing security solutions to improve overall enterprise security posture
• Participate in the deployment integration and security configuration of new IT solutions and of any enhancements to existing IT solutions in accordance with standard best operating procedures and the enterprises security standards.
• Maintain up-to-date baselines for the secure configuration and operations of IT systems whether they be under direct control (i.e. security tools) or not (i.e. workstations servers network devices etc.).
• Maintain up-to-date detailed knowledge of the Information Security industry including awareness of new or revised security solutions improved security processes and the development of new attacks and threat vectors.

What your strengths are :

• Working knowledge of variety of security technologies in areas of : End Point Protection IPS / IDS Malware Protection (Network) SIEM L7 Firewalls Digital Certificates Patch Management URL filtering Identity and Access management (IAM) Cloud Security Operations (AWS Azure GCP) etc.
• Strong understanding of TCP / IP IPSEC SSL / TLS and other network and encryption protocols.
• Strong understanding of all currently supported Windows operating systems; knowledge of Linux distributions is an asset
• Strong understanding of Security Operations in existing Cloud environments (AWS Azure GCP)
• Working Knowledge of CyberArk platform (IAM) administration in is an asset
• Proven analytical and problem-solving abilities.
• Ability to effectively prioritize and execute tasks in a high-pressure environment.
• Excellent written oral and interpersonal communication skills.
• Proven ability to conduct research into Information Security issues and security products as required.
• Proven ability to present ideas in business-friendly and user-friendly language.
• Highly self-motivated; able to work with minimal supervision.
• Keen attention to detail.
• Team-oriented and skilled in working within a collaborative environment.

What you need to succeed :

• Post-secondary education in Computer Science or equivalent combination of education and experience that satisfy the requirements of the position.
• Minimum 5 years of progressive responsibilities in managing security systems Incident Response Risk Assessments Vulnerability Management Cloud Security Operations (AWS / Azure / GCP) Identity and Access Management User awareness training Mobile Device Management (MDM) etc.
• CISSP and other security certificates will be considered as an asset

Why you should join us :

At Cadillac Fairview we have been transforming communities for over 50 years. We are so much more than our properties. We are building leaders at all levels. We offer the challenge of interesting work a great organizational culture the opportunity to collaborate with the best in the business and support for your growth and development. We reward values-based behavior and superior results with a competitive rewards package that includes best-in-class benefits and pension. Imagine a place where you can make a difference!

At CF our everyday actions and critical business decisions are guided by our CF Values. Achieving results is naturally important for us and we achieve results through behaviours that are consistent with our CF Values.

Are you someone who believes in our values

• Aim Higher we strive to exceed expectations
• Own Your Expertise we empower ourselves and each other
• Collaborate Effectively we bring the right people together to get the right results
• Engage with Empathy we objectively consider the needs of others
• Embrace Change we drive learn from and adapt to change

At CF youll join a diverse community and award-winning team where your talent and commitment to excellence are welcomed valued and respected. Were ready to meet you there are you

CF is an equal opportunity employer and is committed to creating a diverse and inclusive environment. If you need reasonable accommodation during the recruitment assessment and / or selection process please notify your CF contact or email

Required Experience :

Senior IC

Key Skills

IT Experience,Splunk,IDS,Cybersecurity,FIPS,PCI,NIST Standards,Information Security,Encryption,FISMA,RMF,Siem

Employment Type : Full-Time

Experience : years

Vacancy : 1

Information Security Analyst • Toronto, Ontario, Canada