Intermediate Analyst, Security Operations

Come Build Your Career at Aecon!

As a Canadian leader in infrastructure development, Aecon is safely and sustainably building what matters for future generations to thrive! We lead some of the most impactful infrastructure projects of our generation, at the forefront of transformational change in transportation and energy, and partnering every day to build, connect, power, and strengthen our communities.

At Aecon, you can count on:

• Safety Always. Our number one core value. If we can’t do it safely, we don’t do it at all.
• Integrity. We lead by example, with humility and courage.
• Accountability. We’re passionate about delivering on our commitments.
• Inclusion. We provide equitable opportunities for everyone.

We lead the infrastructure industry with purpose, and our people are at the heart of everything we do. So, we invest in our people, just like they invest in us! 

At Aecon we:

• Ensure you and your family receive the services needed to support your mental, emotional, and physical well-being.
• Believe in helping you build your career through our Aecon University and Leadership Programs.
• Are committed to supporting and investing in inclusive work environments, through initiatives like Equity, Diversity & Inclusion training, our Aecon Women in Trades and Aecon Diversity in Trades programs, and our Employee Resource Groups (ERGs) to ensure we are building inclusion into every aspect of our culture at Aecon.
• Are a leader in sustainable construction. With a strong commitment to operating responsibly by minimizing our impact on the environment and surrounding communities.

Our business success relies on strong execution and continuous improvement – driven by the diversity, expertise and teamwork of our people. We’re always searching the globe for innovative, collaborative minds to join our best-in-class Aecon community!

What is the Opportunity?

Reporting to the Sr. Manager, Security Architecture & Operations, the Intermediate Security Operations Analyst is responsible for supporting the execution of the information security roadmap and managing daily Information Security Operations. The role requires effective prioritization across functional areas, strong documentation and analytical skills, and the ability to proactively identify and address operational needs. 

What You’ll Do Here:

• Support the day-to-day operations of the information security program set out by management.
• Monitor multiple environments to detect, validate and respond to anomalous activity, security events, or unauthorized access of information assets.
• Work to promptly resolve tickets related to information security, such as virus/malware infections on desktop, phishing, suspicious network traffic and vendor account reviews.
• Assist with security vulnerability assessments, identifying and prioritizing findings for resolution.
• Actively seek mitigation or closure in identified security risks and gaps.
• Track security trends/events to provide information on monthly security reporting.
• Attend security industry talks, seminars and events to stay current with latest information security trends.
• Utilize problem solving to find root cause in security incidents.
• Work collaboratively with other Information Services teams to reach common resolutions and goals.
• Provide technical support in the areas of vulnerability assessment, risk assessment, network security, product evaluation, incident management and security tool implementation.
• Conduct security product evaluations, and recommend products, technologies and upgrades to improve Aecon’s security posture.
• Liaise with security product and service vendors to provide day to day support and monitoring of all networks.
• Work with our internal Communications and Learning teams to provide security awareness and training materials for a wide range of audiences, which ranges from senior leaders to field staff.
• Provide management of regular phishing simulations including, but not limited to, selection of templates, launching of campaigns and providing reporting & enforcement of compliance with phishing related policies.
• Monitor, triage and respond to emails that have been reported by employees as suspicious and potential phishing attacks. Provide monthly metrics related to these reported emails.
• Support the operational components of incident management, including detection, response, and reporting.
• Provide 24/7 response to security operations as it relates to monitoring and alerting of potential security incidents. Be available at any time to actively investigate / document those alerts and manage confirmed security incidents.

What You Bring to the Team:

• A Bachelor's degree in Information Systems or Information Security
• 2-3 years’ experience applying information security principles and practices in an enterprise environment, or 3-5 years of experience supporting information technology.
• Hands on experience of security technologies and tools such as SIEM, IPS, EDR, MDM, web content filters and email security gateways.
• A strong understanding of the business impact of security tools, technologies and policies.
• A good understanding of Windows and Linux operating systems, and network protocols.
• A good understanding of the public cloud (AWS, Azure, etc.)
• Working towards and/or having CISSP and/or Security+ certifications would be an asset.
• Strong in analytical thinking, problem solving and troubleshooting.
• An ability to manage multiple tasks with minimal supervision.
• Excellent reporting skills, with demonstrated ability to create reports.
• Excellent verbal, written and interpersonal communication skills with the ability to explain technical matters to a non-technical audience.
• Flexibility and ability to adjust quickly to changes in priorities, or to different business demands.
• Must be able to respond to, and action, security alerts on a 24/7 basis.

Aecon fosters diversity, inclusion and belonging within and across our organization. We welcome all to apply including, women, visible minorities, Indigenous peoples, persons with disabilities, and persons of any sexual orientation or gender identity.

We are committed to adhering to the objectives and requirements outlined in the Accessible Canada Act (ACA), and to meeting the accessibility needs of persons with disabilities in a timely manner, through the implementation of the requirements of the ACA and its applicable regulations. If you require accommodation under the ACA during any step of the application process please click here.