Security Analyst (*1 Year Contract*)

Title: Security Analyst (*1 Year Contract*)

Reports To:  Director, Information Security

Position Summary:

The Information Security team is accountable for establishing and maintaining the cybersecurity risk strategy & roadmap and overseeing the execution for all aspects of the security of CAPREIT’s information systems and information assets. The Security Analyst role has several functions including, but not limited to: reporting, auditing, KPI creation and presentation, patch management, endpoint and server administration, dashboard management, asset management, vulnerability scanning and management, incident investigation and response.

Position Responsibilities:

• Investigate, assess, and respond to incident alerts produced by various security agents and SIEM.
• Run and report results of regular vulnerability scanning on all Capreit information systems.
• Creation and reporting of meaningful KPI security metrics that will be presented to Executive management and Board of Directors on a quarterly basis.
• Create, update and maintain asset management documentation.
• Audit Active Directory accounts and address issues to maintain compliance with corporate security policies and procedures.
• Assist with data collection required during internal and 3rd party audits.
• Involvement in regular patch cycle management.
• Daily management of email quarantine filters.
• Windows endpoint and server administration including commissioning and decommissioning.
• Assistance with management of internal PKI systems and certificate creation.
• Monitoring and management of various security agent dashboards.
• Assist with the delivery of monthly security awareness training and creation of phishing campaigns.

Qualifications:

• Entry Level to 2 years technical IT experience relating to security fundamentals and controls, networking fundamentals, Windows OS administration and implementation
• University degree preferably in a STEM course of study or equivalent experience required.
• Industry certifications in areas relating to System and Network Security are assets.
• Must be proactive and possess strong interpersonal, customer service and organizational navigation skills.
• Must be able to communicate vertically in a complex multi-stakeholder environment - including excellent English writing and verbal presentation skills; Fluent French is an asset.
• Must be self-motivated and willing to work extra hours – some on-call and off-hours work will be required.
• Must be able to learn quickly.
• Must have the ability to methodically troubleshoot technical issues.
• Must be able to handle multiple priorities in a fast-paced environment.
• Security is about staying ahead of adversaries – logic and analytical skills required.