Location: Toronto or Montreal (Hybrid)
The Network SOC VM team is a fast-paced and dynamic team. The Network SOC VM team is a strategic security planning, governance and operational team that is responsible for the operations of the VA scan programs. Our team is currently seeking a candidate for the position of an Analyst, Cyber Security who will report to the Sr Manager, Information Security. The Analyst, Cyber Security will assist in the execution of the application security testing program and execute VA scan on applications, servers and network applications. He will regularly conduct vulnerability assessments, provide feedback on issues related to the execution of the VA programs, assist with the creation of action plans, assist with the identification and tracking of risk remediation, provide advice on mitigation safeguards, processes and security best practices and act as a spokesperson on security related subjects.
- Maintain multiple vulnerability programs
- Security Testing of apps for vulnerabilities and validate them
- Validate false positives.
- Prioritizing vulnerabilities discovered along with remediation timeline(s)
- Complete end-to-end VA to remediation support process
- Manage/update GRC tools
- Update/implement dashboards and reports for all vulnerability programs
- Participate collecting, assessing, and cataloging threat indicators
- Interaction with multiple global teams (security architecture, penetration testing, application development, network teams, etc.)
- Think analytically and synthesize technical information from various sources
- High level of personal integrity, and the ability to professionally handle confidential matters and demonstrate a high level of judgment and maturity.
- Excellent skills of verbal and written communications, relationship building, and influencing others.
- Bachelor’s degree in technology-related field, or in computer science with a specialization in telecommunications, or the equivalent work experience
- Bilingualism in English and French
- A security based professional qualification desirable (e.g. CISSP, OSCP, CEH, GPEN
- Knowledge of ISO 2700x, ITIL, and PCI-DSS.
- Minimum of 5 years professional work experience in information security
- Experience with security testing tools and methodologies in conducting vulnerability and application security assessments (AppScan & Tenable)
- Ability to analyze IT solutions and technology infrastructure in order to identify and assess security vulnerabilities, threats, and risks.
- A track record of results and effectiveness in applications technical support, trouble-shooting and analysis, problem resolution, and service availability and reliability improvement roles.