Security Specialist - Permanent
On behalf of our client, PROCOM is looking for a Security Specialist.
Security Specialist – Job Description
- The Security Specialist will manage and support the overall corporate Information Technology security landscape
- This role will work with technology including but not limited to: Windows Server, Active Directory, VMWare, Exchange 2016 and Exchange Online, MS Office, One Drive, SharePoint, Amazon Connect, Sophos (or other) Firewall and Salesforce Service Cloud and Marketing Cloud
- This also includes network and telecommunication systems as well as applications and systems which directly support the end user computing environment
- In addition to IT operations activities, this role will participate in technology research, budgeting, facilities security support, procurement, and deployment
- Security Landscape
- Support the organization’s security program and security operations
- Responsible for ensuring all information systems are secure
- Analyze IT specifications to assess security risks
- Participate in IT and Business initiatives promoting adherence to security policies and standards for security domains as follows:
- Security risk management
- Endpoint security
- Perimeter defense
- Vulnerability management
- Vendor risk management
- Establish and maintain a security baseline for secure configuration of information assets.
- Assist with the security reviews of networks, systems, hosted environments, and services.
- Support incident response activities and triage involving collection of event data, detailed analysis of audit logs, and reporting.
- Design and implement security measures and controls
- Act on privacy breaches and malware threats
- Security configuration management of hosts, network devices, and security appliances and technologies as follows:
- SIEM (Security information and event management) rule creation and log analysis
- Firewall rule configuration
- Vulnerability scanning
- OS security hardening
- Network device hardening
- Security appliance configuration
- Develop, implement and enforce security standards per company’s information and security policies, controls and procedures.
- Support system implementations, modifications and enhancements, identifying security gaps and preparing action plans to address
- Technical security documentation development
- Support regular patch upgrades and major technology upgrade initiatives, examining defensive system and provide reports on test results
- Conduct security audit activities and vulnerability assessments
- Assists in designing and developing security features for system architectures
- Design and conduct staff training on security policies, best practices and procedures.
- Facilities Security Support
- Assist CIO with the ongoing support of our overall facilities security including working with building and vendor staff on an as required basis to address RPRA needs.
- Working with the CIO, assists in the development and management of the I&IT annual operating and capital budgets from a security point of view
Security Specialist – Mandatory Skills
- Bachelor’s Degree or equivalent expertise in Computer Science, Information Security Management or similar field
- Minimum of 5 years’ experience working in information security.
- Minimum of 5 years’ experience implementing security controls in an enterprise environment
- Experience implementing a security protocol to ensure a secure Office 365 environment with SaaS hosted Exchange, OneDrive and SharePoint
- Agile methodology experience
- Success delivering on time, on budget to spec projects
- Must hold a current cybersecurity certification (for example GSEC, GCIH, GCCC, GDAT, GCWN, GPEN, OSCP)
- Sound knowledge and expertise in I&IT strategic and operational planning
- Experience in analysis, implementation and evaluation of I&IT security systems and their specifications
- Sound decision-making skills within the context of complex and sometimes conflicting priorities
- Ability to engage and sustain effective relationships with internal and external stakeholders
- Ability to foster a collaborative work environment that promotes and facilitates transparency and accountability
- Excellent problem-solving and consensus building skills
- Strong project management, organizational and time management skills
- Excellent analytical and evaluative skills
- Ability to meet deadlines, to conduct and direct research into I&IT security issues and products, and to take initiative in the development and completion of projects.
- Outstanding verbal and written communications ability
- Early identification of potential risks to budget and schedule developing and implementing appropriate mitigation strategies.
- Demonstrated ability to thrive in a dynamic, fast-changing environment
- Comfortable with ambiguity, frequent change, or unpredictability
- Self-motivated and organized to manage multiple and competing priorities
- Known for being a team player ready to collaborate and pitch in where required
- Discretion and judgement in working with confidential information
Security Specialist – Nice to Have Skills
- Familiarity with a complex regulatory environment or public-sector entity an asset
- Knowledge of full systems development life cycle (SDLC) preferred
Security Specialist - Assignment Start Date
ASAP – Permanent
Security Specialist - Assignment Location