Information Security Analyst

You are a self-motivated achiever who gains satisfaction from providing excellent customer service and thrives in a dynamic environment. You are excited about working in a high-paced environment providing security advice on your cloud infrastructure, including network, service, and application components. This role conducts risk assessments, architectural reviews, provides cyber security subject matter expertise, and assists in the building and design of secure solutions. Additional duties may include network and application penetration testing, and support for cyber security investigations as well as on-call response for cyber security incidents. As well, you will be building out our disaster recovery and business continuity process and plan. You are highly organized, detail-oriented, with good verbal and written communication skills.

As a key member of the IT Team, the Information Security Analyst will work closely with IT Operations to support secure business applications, data, infrastructure, and IT processes as well as lead in the creation of an Information Security strategy for RSL.

Duties and Responsibilities

1. Assist IT operations team in defining baselines for the secure configuration of all devices.
2. Maintain operational configurations of all security solutions as per the established baselines.
3. Review logs and reports of all installed devices, whether they be under direct control (i.e., security tools) or not (i.e., workstations, servers, network devices, etc.). Interpret the implications of that activity and devise plans for appropriate resolution.
4. Lead and conduct vulnerability assessments and deliver clear, actionable reports.
5. Lead in the design and execution of vulnerability assessments, penetration tests, and information security audits.
6. Lead the planning and design of enterprise security architecture.
7. Lead in the creation of enterprise security documents, i.e. policies and standards.
8. Provide oversight and contribute to the design and deployment of infrastructure and application solutions.
9. Maintain up-to-date detailed knowledge and awareness of information security risks, solutions, new attacks, and threat vectors.
10. Recommend additional security solutions or enhancements to existing security solutions to improve overall enterprise security.
11. Problem-solving mentality leveraging internal and/or external resources.
12. Exceptional written communication and strong verbal communication skills.
13. Experience with non-technical attacks and social engineering.

Skills and Qualifications

1. Technical Diploma or University degree in Computer Science or related field.
2. One or more of the following certifications preferred:
3. ISC)2 - CISSP, CSSLP, CCSP; GIAC - GSEC, GCIH, GCIA, GCFE, GWAPT or GPEE.
4. Solid understanding of modern authentication protocols and a background in cyber security.