IT Security Analyst

This is a unique opportunity for a creative problem solver who wants to not only make recommendations on security risks and assessments but to see them through to implementation and execution.

Toronto, ON

Chartered Professional Accountants of Ontario

CPA Ontario protects the public interest by ensuring its members meet the highest standards of integrity and expertise. CPA Ontario serves and supports its more than 89,000 members and 19,000 students in their qualification and professional development in a wide range of senior positions in public accounting, business, finance, government, not-for-profits and academe. Chartered Professional Accountants are valued by organizations of all types and sizes for their financial expertise, strategic thinking, business insight, management skills and leadership.

keywords: who we are,the opportunity,who you are,what's in it for you,risk assement,collaboration,support,compliance,the education,the experience,the technical skills,the drive,the interpersonal capabilities


Overview: <p><strong>The opportunity</strong></p> <p>CPA Ontario is currently in search of an&nbsp;<strong>IT Security Analyst</strong> to support organizational initiatives and strategic goals through the delivery of reliable and efficient security and technology solutions. We need an IT Security Analyst to be accountable for all facets of IT Security and ensure a highly productive and reliable service offering. This is an opportunity to be a contributing team member that helps carry out the vision, strategy and structure of the Information Security and Technology department.</p> <p><strong>Who you are</strong></p> <p>You have a passion for security, technology and process improvement. You want a role where in conjunction with IT Leadership and the IT team, you can work on security across all systems and infrastructure. A place where you can drive IT issues across audit, compliance and risk management to resolution. An organization where you can be a champion of best practices.</p> <p><strong>What&rsquo;s in it for you</strong></p> <p><em>The chance to make an impact. </em>This is a change-focused environment and a chance to be part of a team that is shaping the technology of CPA Ontario.</p> <p><em>The opportunity to work with an elite team.</em> We are on the &ldquo;smaller-side&rdquo; of a mid-sized organization. That means a chance to work closely and collaboratively across teams and develop a deep understanding of our processes, our tools, our infrastructure and our technical requirements of our people.</p> <p><em>The ability to introduce best practices. </em>This is an opportunity to make an impact. You will be able to not only make recommendations but to also see them through to implementation.</p>
Responsibilities: <p><strong>What you will do:</strong></p> <ul> <li>Identification of administrative, procedural and technical control gaps that could pose a risk to CPAO.</li> <li>Collaborate with and support other departments to identify security risks within their respective operational areas, make recommendations for appropriate security control remediation items and support the development of security process control improvements within those portfolios suitable for risk mitigation.</li> <li>Monitor, review and respond on security events received and track through to resolution. Escalate issues that cannot be resolved within acceptable time frames.</li> <li>Collaborate with other teams for ongoing security device administration, including firewall, VPN, anti-virus, spam protection, vulnerability and patch management tools etc.</li> <li>Perform security scans on newly developed applications and ensure that applications being launched to the production environment are compliant.</li> <li>Perform PCI compliance scans and ensure that compliance is maintained across the organization.</li> <li>Support the ongoing design, implementation and operation of CPAO&rsquo;s Information Security and Privacy Programs.</li> <li>Actively participate in patching program reviews and approvals across the organization.</li> <li>Coordinate and perform both network and web application vulnerability assessments.</li> <li>Participate in security awareness training programs and report on key findings and recommendations.</li> </ul>
Requirements: <p><strong>So, how do we know you are the new IT Security Analyst for us? You have:</strong></p> <ul> <li>Undergraduate degree in IT security or related field.</li> <li>The experience. 2 - 3 years hands-on in security field. Recent graduates in IT security programs with internship experience will also be considered.</li> <li>The technical skills. Advanced understanding of anti-virus systems, SIEM technologies, email security, web application security, firewalls</li> <li>Knowledge of threat hunting, compliance efforts, risk management</li> <li>Knowledge of scripting, automation techniques</li> <li>The drive. You are self-motivated and analytical. You have excellent troubleshooting, creative problem solving, critical thinking skills. You are logical, detail oriented and you have sound judgement.</li> <li>The interpersonal capabilities. Your communication skills, both written and verbal as well as your presentation skills are outstanding. You can build and nurture internal and external relationships, prioritizing customer service. You have the patience and language to translate complex technical terms for a non-technical audience.</li> </ul>