Network Engineer

Jobinhalt

Celebrating over 50 years of growth, Sym-Tech is a leading finance and insurance provider to the retail automotive industry. At-Sym-Tech we are looking for associates who share our passion for innovation, creativity and results! We are passionate about delivering excellent client service, an outstanding employee experience and opportunities to learn and grow professionally. Sym-Tech is growing quickly and that means endless ways to make a real difference! We are currently recruiting for a Network Engineer, Information Security to join our specialized IT team located in Richmond Hill, Ontario.

A career with us offers:

• A fun, fast paced culture
• Competitive wages and benefits
• On-going industry training programs and professional development opportunities
• A professional, collaborative and progressive work environment
• An empowering atmosphere where people are inspired to do great work
• The chance to work with some of the best in the business!

Position Summary:

Responsible for managing and directing all functional day-to-day activities within a functional area or region, and is accountable for ensuring planned results are achieved. You will also be responsible for implementing programs as set by functional area director. The selected candidate will also build relationships with a variety of stakeholders regionally and Organization-wide.

Position Functions:

·Managing the development, implementation, and maintenance of information technology security policies, standards, and procedures based on the IT security framework and information security strategy and with alignment to the Organization’s goals and architectural roadmap. This is to protect against internal and external IT threats and vulnerabilities.

·Managing the identification and evaluation of IT threats, security vulnerabilities, non-compliance and deviations from baseline security requirements. This includes conducting information security risk assessments, penetration tests, vulnerability scans, and providing recommendations on measures to mitigate security risks and improve information security controls. Ensuring day to day IT operations are performed in accordance to security practices.

·Managing the timely delivery of IT security work programs and conducting quality assurance / reviews of work program deliverables. This includes managing the delivery of security projects with internal and external stakeholders (e.g. service providers), security awareness, and client auditing requirements.

·Manage networks including, but not limited to firewalls (Cisco), switches (Cisco) and WAN connections.

·Serving as a subject matter expert and advisor on the data security implications of proposed new major information technology projects and programs, and making recommendations to management and affected departments.

·Directing the handling of information security breaches, concerns, and related incidents, including overseeing the activation of departmental incident response procedures and communicating to management stakeholders.

·Managing the creation and facilitation of the information security risk assessment process, including reporting and overseeing of remediation efforts to address findings.

·Responding to network and system intrusive activity and analyzing network traffic and system logs to determine corrective action and implementing countermeasures; evaluating security incidents, developing solutions and communicating results to end users and technical staff.

·Liaising with internal and managed service providers to monitor and review intrusion detection systems and firewall logs; analyzing events and patterns; reviewing firewall and router rules and access control lists; performing network based vulnerability scans and assessments, penetration tests, and security audits.

·Liaising with third party vendors and managed service providers to ensure service reliability, and that SLA/SLOs (Service Level Agreement/Service Level Objective) are adhered to.

·Maintaining awareness of current and emerging threats and staying abreast of current technologies, developments, security compliance requirements, standards and industry trends.

·Liaising with second and third level support teams on completion of complex requests and processing improvement initiatives related to computer security account administration.

Minimum Requirements:

·University degree or equivalent in Information Technology, Engineering, or Business.

·Minimum of 10 years of IT experience. Of which, a minimum of 5 years in an information security role.

·Experience with ISO 27001/27002 and/or SANS/CAG Top 20 is essential.

·Professional certification, such as a CISSP, CISM, CISA or other information security credentials, is required. CCNA , CCNP, CCSP, CCIP and/or CCIE certifications are desirable.

·Possesses wide base of experience in many disciplines of information technology including IDS/IPS, SIEM, firewalls, VLAN, routing, wireless, VPN, Virtualization, two-factor authentication, NAC, Malware, Access Control, coupled with a strong understanding of security assessment and vulnerability scanning procedures.

·Knowledge of ITIL best practices, process improvements, and project management.