Product Cyber Security Analyst

Job Title: Product Cyber Security Analyst
Location: Ottawa Office Hybrid
Company: Ribbon Communications

Why Join Ribbon Communications?
At Ribbon Communications, we're not just building innovative products; we're shaping the future of secure communications. Join our dynamic and passionate team in Ottawa and be part of a global leader committed to providing cutting-edge solutions to the telecommunications industry. As a Security Technical Expert, you’ll have the opportunity to work alongside talented professionals to ensure the highest standards of security across our products and services. We believe in fostering an environment where your expertise will thrive and your contributions will have a direct impact on the security and success of our solutions.

Position Overview
We are seeking a highly skilled Product Cyber Security Analyst to join our security team. In this role, you will be at the forefront of ensuring the security of our products and services, working directly with product development teams (both hardware and software). You will play a critical part in assessing security risks, recommending security measures, and providing support to both internal teams and customers. Additionally, you’ll monitor and report on security incidents, vulnerabilities, and compliance issues, ensuring that Ribbon’s security posture remains strong and up-to-date.

Key Responsibilities:

• Provide Security Support: Offer technical guidance on security best practices, standards, and policies to product development teams (H/W & S/W). Act as a security consultant to resolve complex issues.

• Risk Assessment & Vulnerability Management: Collaborate with product teams to perform technical risk assessments and help address security vulnerabilities.

• Ensure Compliance with Security Posture:

  • Review and approve security plans for each product release.

  • Conduct threat modeling to identify and mitigate potential threats.

  • Perform security audits and review security artifacts (e.g., scans, defects, penetration test reports) to ensure risks are properly managed.

  • Assist with security testing efforts and serve as a security consultant to testing teams.

• Customer Engagements:

  • Support customer-facing teams with RFPs, audits, security questionnaires, contract renewals, and analysis of customer-reported security findings.

  • Provide expert assistance during customer security reviews and deep dive assessments.

• Ongoing Security Research: Stay abreast of the latest security trends, threats, and technologies to continuously enhance security practices across the organization.

• Risk & Solution Recommendations: Identify potential security risks in new and existing products and services, and propose actionable security solutions.

Qualifications & Skills:

• Education: Bachelor’s degree in Computer Science, Information Security, or a related field.

• Experience: Minimum 3 years of experience in security-related roles, such as security analyst, security engineer, or security consultant.

• Security Knowledge:

  • Strong understanding of security frameworks, standards, and best practices (e.g., ISO 27001, NIST, CIS, OWASP).

  • In-depth knowledge of security protocols (PKI/X.509), Identity Management, and centralized authentication methods (e.g., Radius, LDAP, TACACS+, SAML, OAuth, OpenID).

  • Experience with Linux and OS hardening.

  • Familiarity with virtualized and cloud-based software architectures, including Virtualized Network Functions (VNF), Cloud-Native Network Functions (CNF), DevOps/DevSecOps, and Public Clouds.

• Security Testing & Assessment: Experience in penetration testing, vulnerability scanning, risk analysis, and other security testing methodologies.

• Threat Modeling: Knowledge of methodologies such as STRIDE, OCTAVE, PASTA, VAST, Attack Trees, etc.

• Communication Skills: Exceptional written and verbal communication skills with the ability to convey complex security concepts to both technical and non-technical audiences.

• Collaboration: Ability to work independently while also being an effective team player across cross-functional teams globally.

• Certifications (Preferred): CISSP, CISM, CEH, OSCP, or similar security certifications.

Why Ribbon?
Ribbon Communications offers an exciting and collaborative work environment where your skills are valued, and your ideas can make a significant impact. We provide opportunities for professional growth and development, competitive compensation, and a commitment to work-life balance. Join us and be a part of a global team that’s dedicated to driving security innovation in the telecommunications industry.

Ready to take the next step in your career? Apply today and join Ribbon Communications in Ottawa!

Please Note:

'All qualified applicants will receive consideration for employment without regard to race, age, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, on the basis of disability, or other characteristic protected by applicable law.'