Security Analyst

Location: 3 days on-site in Downtown Toronto
Salary Range: $96-110K
12 month contract
About the Company

• This organization is a financially self-sustaining public agency that operates within the municipal sector.

• They are a major player in the city’s transportation infrastructure, managing a large-scale network that contributes significant revenue to the city's general reserves.

• Recognized as a leader in their specific technology services sector, they are integral to supporting the vibrancy and growth of local businesses and residents.

• Collaborative Culture: The organization strives to be a collaborative, open, transparent, and friendly place to work, built on mutual respect.

• Professional Growth: You will experience professional and organizational growth within a motivated team environment.

• Commitment to Diversity: They are deeply committed to equity, diversity, and inclusion, welcoming applications from all groups with historical barriers to equity.+1

• Impact: You will join a team that prides itself on the calibre of its people and rewards passion for making a significant contribution to the business.

• Role Focus: As a Security Analyst (1-Year Contract), you will execute Threat Risk and Vulnerability Analysis (TRVA) and oversee risk remediation activities.

• PCI-DSS Compliance: A major part of the role involves ensuring adherence to PCI-DSS requirements, managing compliance controls, and protecting cardholder data.

• Incident Management: You will continuously monitor network traffic and system logs for potential security incidents and respond promptly to breaches or attacks.+1

• Vulnerability Management: The role requires performing regular vulnerability scans and assessments to address system weaknesses.

• Collaboration: You will work closely with IT and development teams to integrate security requirements into system designs and collaborate with Qualified Security Assessors (QSAs).+1

• Security Awareness: You will design and implement security awareness plans to educate staff on best practices and organizational policies.+1

• Education: Bachelor's degree in Computer Science, Information Security, or a related field.

• Experience: Minimum 5 years of experience in an Information Security role.

• Technical Stack: 5+ years of experience administering security products such as Palo Alto, Crowd Strike, Cisco ASA, Checkpoint, Microsoft Defender, and Qualys/Tenable scanners.

• SIEM
  
  Experience:
  
  Proven experience with Log Rhythm or Splunk solutions.

• Framework Knowledge: Demonstrated knowledge of standards such as PCI-DSS, ITIL, COBIT, ISO/IEC 27000, and SOC 2.

• Forensic
  
  Skills:
  
  Ability to perform forensic data collections, recovery, and analysis, ensuring proper chain of custody.+1

• Certifications: Relevant certifications (CISSP, CEH, CompTIA Security+, PCI Professional) are considered an asset.