Intermediate Analyst, Security Operations

Overview

Supports daily information security operations and incident response.

Key Responsibilities

• phishing simulations
• security monitoring
• incident response
• vulnerability assessment
• tool implementation
• security reporting

Tasks

-Provide management of regular phishing simulations including, but not limited to, selection of templates, launching of campaigns and providing reporting & enforcement of compliance with phishing related policies -Work collaboratively with other Information Services teams to reach common resolutions and goals -Liaise with security product and service vendors to provide day to day support and monitoring of all networks -Ensure you and your family receive the services needed to support your mental, emotional, and physical well-being. -Provide 24/7 response to security operations as it relates to monitoring and alerting of potential security incidents. Be available at any time to actively investigate / document those alerts and manage confirmed security incidents -Monitor multiple environments to detect, validate and respond to anomalous activity, security events, or unauthorized access of information assets -Support the operational components of incident management, including detection, response, and reporting -Support the day-to-day operations of the information security program set out by management -Utilize problem solving to find root cause in security incidents -Actively seek mitigation or closure in identified security risks and gaps -Attend security industry talks, seminars and events to stay current with latest information security trends -Work with our internal Communications and Learning teams to provide security awareness and training materials for a wide range of audiences, which ranges from senior leaders to field staff -Assist with security vulnerability assessments, identifying and prioritizing findings for resolution -Work to promptly resolve tickets related to information security, such as virus/malware infections on desktop, phishing, suspicious network traffic and vendor account reviews -Conduct security product evaluations, and recommend products, technologies and upgrades to improve Aecon’s security posture -Provide technical support in the areas of vulnerability assessment, risk assessment, network security, product evaluation, incident management and security tool implementation -Monitor, triage and respond to emails that have been reported by employees as suspicious and potential phishing attacks. Provide monthly metrics related to these reported emails -Track security trends/events to provide information on monthly security reporting

Requirements

• siem
• cissp
• security+
• aws
• linux
• reporting

What You Bring

-Excellent reporting skills, with demonstrated ability to create reports -Must be able to respond to, and action, security alerts on a 24x7 basis -A good understanding of Windows and Linux operating systems, and network protocols -A bachelor's degree in Information Systems or Information Security -Strong in analytical thinking, problem solving and troubleshooting -Hands on experience of security technologies and tools such as SIEM, IPS, EDR, MDM, web content filters and email security gateways -An ability to manage multiple tasks with minimal supervision -Flexibility and ability to adjust quickly to changes in priorities, or to different business demands -A strong understanding of the business impact of security tools, technologies and policies -2-3 years’ experience applying information security principles and practices in an enterprise environment, or 3-5 years of experience supporting information technology -Working towards and/or having CISSP and/or Security+ certifications would be an asset -A good understanding of the public cloud (AWS, Azure, etc.) -Excellent verbal, written and interpersonal communication skills with the ability to explain technical matters to a non-technical audience

People Also Searched For

About AECON

-Spanning over 150 years. -Operates in civil infrastructure, urban transportation, and energy solutions. -Involved in planning, financing, and execution through public-private partnerships. -Advanced urban transportation projects, such as the Réseau express métropolitain (REM). -Advancing projects like the Darlington Small Modular Reactor. -Committed to sustainability and cutting-edge technology.

Sector Specialisms