This job posting has expired and no longer is available. Please explore other opportunities.

IT Security Analyst

GENERAL

The IT Security Analyst plays a vital role in keeping the College’s digital assets, including proprietary and sensitive information secure and available. The security analyst performs day-to-day operations of the in-place security solutions along with the identification, investigation, and resolution of security breaches. Secondary activities for the analyst range from, but are not limited to, involvement in the implementation of new security solutions, participation in the creation and/or maintenance of policies, standards, baselines, guidelines, and procedures as well as conducting vulnerability audits and assessments. Working with the Manager of IT Security, the position assists in the identification and correction of flaws in the College’s security systems, solutions, and programs while recommending specific measures that improve the College’s overall security posture.


TYPICAL DUTIES



Daily Security Operations

Keeps the College’s security systems up to date by completing the following duties:

- Maintains up-to-date baselines for the secure configuration and operations of all in-place devices, whether they be under direct control or not;

- Maintains operational configurations of all in-place security solutions as per the established baselines;

- Deploys, integrates, and completes initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures and the College’s security documents;

- Performs regular assessments and audits of existing security systems, tools and controls;

- Monitors all in-place security solutions for efficient and appropriate operations;

- Reviews and analyzes logs and reports of all in-place devices and interpret the implications of that activity and devise plans for appropriate resolution;

- Reviews and analyzes metrics and data to filter out suspicious activity, and to find and mitigate risks before breaches occur;

- Participates in, and may lead, investigations into problematic activity;

- Participates in the design and execution of vulnerability assessments, penetration tests, and security audits;

Analysis and Planning

- Supports and participates in the planning and design of enterprise security architecture, under the direction of the IT Security Manager, where appropriate;

- Co-operates in the creation and maintenance of enterprise security documents (policies, standards, baselines, guidelines, and procedures) under the direction of the IT Security Manager, where appropriate;

- Generates reports for IT and college-wide work place leaders, as appropriate, and works with them to evaluate the efficacy of the security policies in place and assists in making necessary changes;

- Contributes to the planning and design of an enterprise business continuity plan and disaster recovery plan;

- Participates in PCI-DSS planning, tracking and work activities;

- Participates in and analyzes security risk assessments for 3rd party vendors, cloud solutions and software systems;

- Recommends additional IT security solutions or enhancements to existing security solutions to improve overall enterprise security.


Leadership

- Maintains current knowledge of the College’s IT security goals as established by its stated policies, procedures, and guidelines and works actively towards upholding those goals;

- Maintains up-to-date detailed knowledge of the IT security industry including new or revised security solutions, improved security processes, and the development of new attacks and threat vectors;

- Creates and coordinates awareness sessions to provide employees and other users with information on the use and application of required college IT security protocols;

- Participates as a member of the IT Security Team and advocates for the department in appropriate forums; acts a coordination point for issues by liaising between the Manager, IT Security, the department and stakeholder community;

- Contributes to and supports the development, knowledge and application skills of ITS staff with IT and cyber security techniques and processes;

- Researches, demonstrates and presents in public, when directed by Supervisor, on current IT and cyber security issues and directions for both College and external audiences;

- Assist the Privacy Officer, ITS Managers and relevant work place leaders in providing recommendations related to privacy and the development of Privacy Impact Assessment (PIAs).

- Promotes and supports the application of the Freedom of Information & Protection of Privacy Act (FIPPA) within the college environment;

Performs other related duties similar in scope and complexity.


Subscribe to Job Alerts

© 2024 YYJOBS | Victoria and Vancouver Island jobs