Reporting to the Digital Senior Security Advisor, the Technology Security Analyst is responsible for the implementation and operation of security controls as defined in five of the six pillars of the NIST CSF and relevant industry-specific security frameworks (PCI-DSS, etc.).
Duties & Responsibilities
- Ongoing review and investigation of escalated security alerts from Halton’s MSSP (Managed Security Service Provider).
- Monitor and, where required, remediate issues or implement controls to mitigate risks due to malware, phishing (and its variants), account hijacking, and other attacks.
- Ensure compliance of the Region’s information systems, internally developed applications (including third-party libraries), and operational procedures with current security policies, standards, and procedures through regular audits and reviews.
- Administer (including patching) or review and assess security infrastructure such as XDR/EDR/NDR solutions, network security solutions (firewalls, IPS, WAF), GPOs, MDM policies, or other configuration policy controls and their ongoing activities.
- Monitor and advise on necessary adjustments of security controls for on-premises, cloud, messaging (email, etc.), and other applications based on internal and external threat conditions.
- Conduct regular risk assessments and vulnerability analyses of critical IT systems, network segmentation controls, core business applications (including internally developed applications), and on-premises IT and cloud infrastructure, including IoT devices.
- Perform other operational security duties as assigned.
- Develop and provide clear, concise documentation for each assigned project.
- Execute and implement project-related deliverables as defined in a project manager’s work breakdown structure.
Skills & Qualifications
- Diploma in Computer Science from a recognized community college and/or university.
- Two (2) or more years of IT security experience.
- Understanding and experience with Zero Trust Security architecture and practices.
- Strong knowledge of networks, operating systems, cloud, directory services, IAM, and PIM/PAM.
- Experience with security solutions such as Windows Defender or similar third-party tools.
- Knowledge of Microsoft-based cloud and on-premises directories, OS, applications, and services.
- Strong interpersonal skills and ability to work in a team environment.
- Security generalist comfortable working across different domains of security.
- Ability to perform operational security duties while contributing to projects.
Preferred
- At least one relevant certification (e.g., SSCP, CCSP, OSCP, CISA, CCSK, AZ-900, etc.) from recognized organizations or vendors.
- Experience with network-based security solutions (firewalls, WAFs, IPS/IDS), host and network diagnostics (NetFlow, Sysmon, etc.).
- Knowledge of web application security and projects (OWASP).
- Familiarity with OT (SCADA/PCS) security technology.
- Experience with forensics and e-Discovery tools and methodologies.
Working / Employment Conditions
- Must have a current (within the past six months), original, and acceptable Criminal Records Check by the first day of employment.