Senior IT Security Analyst

Senior IT Security Analyst - (211704269)

Description

Just Energy is a retail energy provider specializing in electricity and natural gas commodities and bringing energy efficient solutions and renewable energy options to customers.

Currently operating in the United States and Canada, Just Energy serves residential and commercial customers.

Just Energy is the parent company of Amigo Energy, Filter Group Inc., Hudson Energy, Interactive Energy Group, Tara Energy, and terrapass.

Visit www.justenergy.com to learn more.

Location: Mississauga, Ontario/ Remote

You will foster strong relationships with business partners, including IT, internal audit, SOC vendor and other compliance and risks stakeholders within Just Energy. In your capacity, you will effectively position your team to understand, articulate, and influence the IT Risk and Compliance (ITRC) strategy, plans, results, issues and outcomes.

As a project leader, you will frequently communicate with executives to represent and discuss IT risks and compliance positions, including consultation with the Director of IT Cyber and IS. You will also lead efforts to govern, communicate, and educate staff on the adherence to risk and compliance policies, standards, processes, and procedures.

You will lead in a highly complex, fast-paced matrixed environment, with tight deliverable timeframes and multiple internal and external stakeholders to IT. We expect you to act independently with limited coaching from the Director, IT Cyber, and leaders within IT, demonstrate strong initiative, influence outcomes, minimize and address conflicts, and demonstrate an in-depth understanding of risk management activities and business risks and control environments.

The role requires a sense of urgency, passion for results, and personal accountability for achievement. The successful candidate must possess expertise in process, technology, and business acumen, along with strategic and innovative thinking and an unwavering focus on security and our customers. Your strong leadership and relationship skills, resilience and ability to effectively communicate will be vital in driving results the right way in our entrepreneurial environment.

Under the leadership of the Director of IT Cyber and Information Secutity, you will lead topics to address:

• Identification of Information Security issues.
• Participate in the development of security architecture solutions.
• Lead the implementation planning and design of projects related to security solutions.
• Researching and, with the assistance of the IT team, deploys new technologies.
• Developing and documenting security policy performs security audits and risk assessments.
• Providing security guidance and on-call supports.
• Lead Security Operations Center (SOC) implementation and engagement
• Develop and provide presentations to communicate and coordinate security policies, procedures, and awareness programs.
• Responding to security requests and manage request queues with the vendors.

Responsibilities:

• Manage Information Security and cybersecurity issues.
• Investigate security breaches and other cybersecurity incidents, including application, websites and cloud
• Manage security measures in Operating System to protect systems and information infrastructure, including firewalls and data encryption programs.
• Work with IT development teams to identify and resolve application and web sites security gap
• Document security breaches and assess the damage they cause.
• Manage the SOC vendor to review all security program/activities, logs, tests and uncover network vulnerabilities.
• Work with IT and Security teams to detect vulnerabilities to maintain a high-security standard.
• Manage application security and cloud access
• Develop a Security program and maintain company-wide best practices for IT security.
• Review penetration testing, vulnerability scanning and work with IT Infrastructure and Development teams to resolve identified gaps.
• Manage security software and understand information security management.
• Research security enhancements and make recommendations to IT management.
• Stay up-to-date on information technology trends and security standards.
• Conduct cybersecurity assessments and technological security reviews on securing software development and provide advice and consultation.
• Proactively review and evaluate security configurations and setting for websites, Servers, desktops and Networks.
• Work with IT and Business to document resolution of identified security weaknesses and recommend established improvement solutions.
• Monitor emerging security threats, evaluate and recommend mitigation strategy.
• Maintain necessary documentation to support security strategy by outlining the requirements and benefits of specific security tools and/or solutions.
• Provide timely reports on project and task progress and centrally track incoming and existing issues in real-time.

Requirements and Education:

Support and maintain our security framework for existing and future systems by working with management and the IT teams to update and develop policies and procedures governing all aspects of systems security, and provides for the protection of systems and their data:

• 5+ years of experience in Information Security, Cybersecurity and advanced threat protection
• 3-5+ years of experience with Data Discovery and Data Classification strategies
• BA or BS degree in CS or IT preferred, Computer Science or Engineering or related field.
• Experience in information security covering, Infrastructure, Web applications, software development, cloud, System and Network Operating systems.
• Experience with computer network penetration testing and techniques.
• Ability to identify and mitigate network, web application and software development vulnerabilities and explain how to avoid them.
• Understanding of patch management with the ability to deploy patches promptly while understanding business impact.

Required Professional Certificates

• CISSP and GIAC certifications

The preferred candidate may also have one or more of the following designations:

• Certified Cloud Security Professional (CCSP)
• Certified Information Security Manager (CISM)
• Certified in Risk & Information Systems Control (CRISC)
• ISO IEC 27001 L.A (ISMS)
• Certified Ethical Hacker (CEH)
• Qualys Certified Specialist (QCS)
• Cisco Certified Network Professional (CCNP)/ Cisco Certified Network Associate (CCNA)
• Microsoft Certified IT Professional (MCITP)
• Microsoft Certified Systems Administrator (MCSA)
• Microsoft Certified Technology Specialist (MCTS)

Thank you for your interest in Just Energy!

We offer:

• Competitive compensation
• Performance based bonuses
• Comprehensive benefits package from day 1 of employment
• Employee Deferred Profit Sharing Plan (DPSP)
• Work from home (WFH) Model *During pandemic
• Health and wellbeing tools and resources and more…

#LI-SS1

Primary Location: CA-ON-Mississauga

Work Locations: ON-Mississauga-Courtney Park 80 Courtney Park West Mississauga L5W 0B3

Job: Audit

Organization: Canada

Schedule: Regular

Shift: Standard

Employee Status: Non-Management

Job Type: Full-time

Job Level: Day Job

Travel: Yes, 5 % of the Time

Job Posting: Aug 31, 2021, 4:31:43 PM