You're using an older version of Internet Explorer that is no longer supported. Please update your browser.

IT Security Analyst - Camosun College

Location
Victoria, BC
Details
Full Time
6 days ago
GENERAL

The IT Security Analyst plays a vital role in keeping the College's digital assets, including proprietary and sensitive information secure and available. The security analyst performs day-to-day operations of the in-place security solutions along with the identification, investigation, and resolution of security breaches. Secondary activities for the analyst range from, but are not limited to, involvement in the implementation of new security solutions, participation in the creation and/or maintenance of policies, standards, baselines, guidelines, and procedures as well as conducting vulnerability audits and assessments. Working with the Manager of IT Security, the position assists in the identification and correction of flaws in the College's security systems, solutions, and programs while recommending specific measures that improve the College's overall security posture.

TYPICAL DUTIES

Daily Security Operations

Keeps the College's security systems up to date by completing the following duties:

- Maintains up-to-date baselines for the secure configuration and operations of all in-place devices, whether they be under direct control or not;

- Maintains operational configurations of all in-place security solutions as per the established baselines;

- Deploys, integrates, and completes initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures and the College's security documents;

- Performs regular assessments and audits of existing security systems, tools and controls;

- Monitors all in-place security solutions for efficient and appropriate operations;

- Reviews and analyzes logs and reports of all in-place devices and interpret the implications of that activity and devise plans for appropriate resolution;

- Reviews and analyzes metrics and data to filter out suspicious activity, and to find and mitigate risks before breaches occur;

- Participates in, and may lead, investigations into problematic activity;

- Participates in the design and execution of vulnerability assessments, penetration tests, and security audits;

Analysis and Planning

- Supports and participates in the planning and design of enterprise security architecture, under the direction of the IT Security Manager, where appropriate;

- Co-operates in the creation and maintenance of enterprise security documents (policies, standards, baselines, guidelines, and procedures) under the direction of the IT Security Manager, where appropriate;

- Generates reports for IT and college-wide work place leaders, as appropriate, and works with them to evaluate the efficacy of the security policies in place and assists in making necessary changes;

- Contributes to the planning and design of an enterprise business continuity plan and disaster recovery plan;

- Participates in PCI-DSS planning, tracking and work activities;

- Participates in and analyzes security risk assessments for 3rd party vendors, cloud solutions and software systems;

- Recommends additional IT security solutions or enhancements to existing security solutions to improve overall enterprise security.

Leadership

- Maintains current knowledge of the College's IT security goals as established by its stated policies, procedures, and guidelines and works actively towards upholding those goals;

- Maintains up-to-date detailed knowledge of the IT security industry including new or revised security solutions, improved security processes, and the development of new attacks and threat vectors;

- Creates and coordinates awareness sessions to provide employees and other users with information on the use and application of required college IT security protocols;

- Participates as a member of the IT Security Team and advocates for the department in appropriate forums; acts a coordination point for issues by liaising between the Manager, IT Security, the department and stakeholder community;

- Contributes to and supports the development, knowledge and application skills of ITS staff with IT and cyber security techniques and processes;

- Researches, demonstrates and presents in public, when directed by Supervisor, on current IT and cyber security issues and directions for both College and external audiences;

- Assist the Privacy Officer, ITS Managers and relevant work place leaders in providing recommendations related to privacy and the development of Privacy Impact Assessment (PIAs).

- Promotes and supports the application of the Freedom of Information & Protection of Privacy Act (FIPPA) within the college environment;

Performs other related duties similar in scope and complexity.

QUALIFICATIONS

College diploma in Computer Science and ITIL Foundation certification and one of the following security-related certifications:

o CompTIA Security+

o GIAC Information Security Fundamentals

o Microsoft Certified Systems Administrator: Security

o Associate of (ISC)2 with valid certification

and six years of recent in-depth experience in day-to-day security-related operations along with the identification, investigation, and resolution of security breaches, or an equivalent combination of education and experience;

- Demonstrated research and analytical skills as relates to IT security, network security and vulnerabilities, and to provide recommendations/advice on the use of IT security tools and technologies;

- Ability to remain current on malware protection, firewall protection, cloud computing, and other technologies

- Experience working on all aspects of a managed project; design, implementation and support;

- Demonstrated a sound understanding of the Freedom of Information and Protection of Privacy Act (FIPPA)

- Demonstrated excellent "people" skills, especially respectful and effective communication;

- Proven skills in developing operational documentation and written procedures.

- Demonstrated ability to present ideas and strategies in language appropriate to varying audiences;

- Proven organizational and problem solving skills;

- An ability to effectively prioritize and execute tasks in a demanding service environment;

- Demonstrated ability to manage rapid technology rate of change;

- Demonstrated ability to work effectively alone and in a team environment.

Apply here: https://camosun.peopleadmin.ca/postings/5244

Images

Additional Info

Job Type : Full-Time

Location : Victoria, BC

Experience Level : Not Applicable
Category
Information Technology