Security Analyst

City of Leduc

View: 139

Update day: 29-05-2024

Location: Leduc Alberta

Category: Information Technology Security

Industry:

Job type: Full-time

Salary: $85,158–$106,434 a year

Loading ...

Job content

Department:
Enterprise Technology Services
Hours Per Week:
35
Compensation Range:
$85,158.00 - $106,434.00
Closing Date:
June 30, 2023
Note: Posting comes off at 12:00 AM on Closing Date, with competition closing at 11:59 pm day prior.
At the City of Leduc, our mission is People. Building. Community. We offer a collaborative and dynamic workplace where our values of Teamwork, Service, Respect, and Leadership guide our conduct and contribute to a healthy culture. If you would like to work as part of a progressive organization and enjoy a fast-paced environment, then this may be the opportunity for you.
Security Analyst
Permanent, full-time - 35 hours per week
$85,158.00 - $106,434.00 per annum
We are currently recruiting a permanent, full-time Security Analyst for our Enterprise Technology Services team.
About this Opportunity:
While reporting to the Manager, Enterprise Technology Services, the Security Analyst will support the design, implementation, and ongoing operation of information security services and all its tools at the City. It is responsible for leading the process of ensuring information assets are adequately protected with acceptable levels of control by monitoring, testing, and evaluating security assessments of systems and taking steps to design and implement remediation solutions.
Responsibilities include, but are not limited to:
  • Manage the administration of all IT security systems and their corresponding or associated software, including firewalls, intrusion detection systems, cryptography systems, and anti-virus software.
  • Collaborate with CITY/IT leaders, privacy officer, and Human Resources to establish and maintain a system for ensuring that security and privacy policies are met.
  • Promote and oversee strategic security relationships between internal resources and external entities, including government, vendors, and partner organizations.
  • Manage securing of all platforms and centralize security event management.
  • Design, perform, and/or oversee penetration testing of all systems to identify system vulnerabilities.
  • Maintain up-to-date baselines for the secure configuration and operations of all in-place devices, whether they be under direct control (i.e. security tools) or not (e.g. workstations, servers, network devices).and resolution of risk and compliance issues with appropriate stakeholders including [business, security, legal, IT, and customers].
  • Develop, implement, maintain, and oversee enforcement of policies, procedures, and associated plans for system security administration and user system access based on industry-standard best practices.
  • Classify and valuate enterprise data assets.
  • Select and deploy appropriate best practices governance frameworks, such as NIST.
  • Participate in risk assessments for new technologies and projects and develop strategies for risk mitigation.
  • Collaborate with stakeholders in the design and implementation of disaster recovery plan for operating systems, databases, networks, servers, and software applications.
  • Liaise with relevant parties to commission activities relating to contingency planning, business continuity management, and IT disaster recovery.
  • Conducts internal security risk assessments and security compliance audits; coordinates third-party audits.
  • Lead the escalation and resolution of risk and compliance issues with appropriate stakeholders including [business, security, legal, IT, and customers].
  • Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes, and the development of new attacks and threat vectors and related toolsets.
  • Provide input for security requirements to be included in request for proposals (RFPs), statements of work (SOWs), and other procurement documents.
  • Assess all City purchases that have security implications to ensure they support security and compliance mandates.
  • Document security requirements and controls for protecting information, systems, and technology assets.
  • Communicate current and emerging security threats to stakeholders.
  • Develop and deliver risk awareness training for key staff and stakeholders.
Qualifications:
  • University degree or College diploma in Computer Science or related field
  • Certificate in IT or Cybersecurity related framework such as: ITIL, COBIT or NIST
  • Project Management certification would be an asset.
  • Minimum 7 years IT related experience
  • Broad knowledge of firewalls, intrusion detection systems, anti-virus software, data encryption, and other industry-standard techniques and practices
  • Experienced with penetration testing and techniques.
  • Ability to identify and mitigate network vulnerabilities.
  • Knowledge and applicable experience with different operating systems and security tactics
  • Understand patch management.
  • Experienced in installing security software and documenting security issues.
  • Excellent analytical, conceptual, and critical thinking skills
  • Excellent organizational skills with the ability to multi-task, manage time effectively, and handle tight deadlines.
  • Excellent verbal and written communication skills including the ability to effectively consult with clients on business processes.
  • Experience managing business, functional and technical requirements.
  • Ability to collaborate with stakeholders to determine acceptable solutions
  • Valid driver’s license to perform site visits
  • Must be willing to provide a current Criminal Records Check at own expense
If this sounds like you, we want to hear from you! To apply, please visit our website at:
www.leduc.ca/careers
Competition closes at 11:59 pm (MT) on June 29, 2023.
This competition may be used to fill future vacancies at the same or lower classification level. Due to the high volume of resumes received, we are not able to respond to individual phone calls. We thank all applicants for their interest; however, only those selected for interviews will be contacted.
Loading ...
Loading ...

Deadline: 13-07-2024

Click to apply for free candidate

Apply

Report job
Loading ...
Loading ...

SIMILAR JOBS

Loading ...
Loading ...