This is a remote position.
- Liaise with Client business and technical resources to troubleshoot and resolve any assigned security problems or queries.
- Liaise with Client external business partners to troubleshoot and resolve any assigned security problems or queries.
- Ensure that security practices, integrity and accuracy across all systems within the Client are maintained.
- Identify potential security incidents assigned by the SOC team lead.
- Prioritize and categorize security incidents on the company's ticketing platform according to the Cybersecurity Incident Response Plan.
- Apply containment and remediation mechanisms necessary to prevent the spread of a security incident according to the defined SLAs.
- Escalate to the Threat Intelligence (SOC III) team when needed.
- Contribute to delivering Root Cause Analyses (RCAs) for major incidents.
- Contribute to the deployment of security incident playbooks.
- Ensure queues, tickets and priorities are being worked effectively.
- Correctly document and complete the necessary information on the company's ticketing platform.
- Ensure patch cycles in the company SIEM are maintained.
- Report on status: ticket reporting, incident statistics, etc.
- Contribute to administering security tools such as SIEM, EDR, etc.
- Contribute to Operations processes and standards.
- Consult, recommend and advise on operations optimization opportunities such as tooling evolution, managed service opportunities, virtualization, etc.
- Be willing to participate in on-call teams during non-office hours.
- When required: assist with current Operations workload and incident resolution.
- Provide the necessary documentation on security practice and process, systems configuration and troubleshooting guides.
- Promote a dynamic work environment to support the constant evolution of data technologies and business needs.
- Bachelor's degree in computer science / information technology.
- A minimum of four (4) years of experience developing, improving and monitoring security measures to protect computer networks, devices, applications, data information and users.
- Certified Information Systems Security Professional (CISSP) would be an asset.
- Knowledge of government procurement practices, financial and human resources operations, and considerable experience in payroll practices would be considered assets.
- Ability to understand Government workflows, processes and approvals.
- Knowledge of modern project management best practices and considerable experience in technical projects delivery would be considered an asset.
- You have at least 3 years of relevant experience in IT technologies, Incident & Change or ITIL Processes and/or Vendor Relations.
- An IT security certification: CEH, CISSP, CompTIA or others would be an asset.
- Solid experience in designing and implementing IT security solutions or environments.
- Able to understand and explain the capabilities and drawbacks of various technologies & configurations.
- Acquired skillset to identify probable root causes of issues or incidents.
- Demonstrable skills in change management for implementing changes both in-person and remotely.
- Subject matter expertise, including a solid working knowledge in SOC, EDR, network security, web security, mail security and vulnerability management technologies.
- Application Security: Expertise in administering role-based access control (RBAC) within Oracle Fusion Cloud. Experience integrating security practices into the development pipeline using tools like SonarQube, Snyk or Veracode for continuous application security testing. Expertise in deploying and configuring WAFs to protect web applications from attacks like SQL injection, XSS and CSRF.
- Identity and Access Management (IAM): Expertise in administering role-based access control (RBAC), multi-factor authentication (MFA) and least privilege principles.
- Experience with IAM platforms such as Okta, Microsoft Active Directory (AD) or Azure AD to manage user permissions and secure authentication processes. Expertise in implementing SSO and identity federation protocols like OAuth, SAML and OpenID Connect.
- Security Information and Event Management (SIEM): Expertise with SIEM tools like Splunk, QRadar, LogRhythm or AlienVault to monitor and analyze security events in real time. Ability to interpret and analyze logs to identify suspicious activities and potential security breaches.
- Vulnerability Management: Expertise in vulnerability scanners such as Nessus, Qualys or OpenVAS to identify system weaknesses. Knowledge of automated patch management solutions to ensure systems are up to date and protected from known vulnerabilities. Expertise in conducting penetration testing using tools like Metasploit, Burp Suite or Kali Linux to assess system security and identify potential attack vectors.
- Cryptography & Encryption: Expertise with encryption algorithms like AES, RSA and ECC for securing data at rest and in transit. Experience with PKI, digital certificates and managing cryptographic keys for secure communication, and an understanding of securing communication channels with SSL/TLS protocols.
- Network Security: Experience in configuring and managing firewalls (e.g. Cisco ASA, Palo Alto, Fortinet) and IDS/IPS systems to detect and prevent unauthorized network activity. Expertise with VPN technology to monitor and secure remote access and ensure encrypted communications.
Full Time