SE Health is looking for an experienced Security and Compliance Analyst proficient in maintaining the security of servers, network equipment, and workstations, with a focus on monitoring and enforcing security controls both on-prem and in the cloud. Demonstrated senior-level experience in scripting, automating, and managing a variety of security systems, along with a strong ability to distill raw information into actionable intelligence.
- Participate and contribute to IT projects, responsibilities include but not limited to: new systems planning, design, and implementation (on-prem/Azure/AWS; implementing new security controls/processes for new systems and infrastructure; quarterly vulnerability and patching activities; document IT & security controls/processes where applicable
- High Proficiency with SPLUNK
- Monitor IT security controls including but not limited to: Intrusion Detection/Prevention System, Malware Protection System, File Integrity System Management, Endpoint Anti-Malware Management, Remote Access Systems and VPN, Security Incident response, Data Loss Prevention, Network Security (Wired & Wireless)
- Help maintain security of all servers, network equipment and workstations including virtual and cloud-based technologies
- Perform Incident Response and Investigation including, Log collection, incident and threat detection, Advise and recommend on defensive strategies based on existing technical security controls, Review security-related events, assessing severity, criticality and priority, Monitor and report based on current SLAs with an emphasis on quality and accuracy.
- Participate in Disaster Recovery Testing drills and table top exercises
- Analyzes information systems and applications to identify the vulnerabilities and provide appropriate solutions to eliminate or minimize potential adverse outcomes
- Enforces security policies in accordance with the established standards to protect confidentiality, integrity and availability of systems and data
- Maintain the security of information systems, applications, and operating systems to ensure compliance with security standards
- Experience distilling and correlating raw information from multiple data sources into actionable intelligence, validating accuracy and reliability of information
- Help with process documentation and training to internal and external users
- Collaborate with other team members on projects to provide guidance in security related areas
- Recognize and deal appropriately with confidential and sensitive information
- Must be available for afterhours implementations, testing and support
- Perform additional tasks as required
- Post-Secondary education in IT related field, or relevant work experience
- 5+ years of experience in Information Security & Infrastructure.
- Knowledge of on-prem and cloud (Azure/AWS) security controls (ex: CASB, Sentinel, DLP), network, database, application, operating systems and the OWASP Top 10.
- Senior experience with scripting and automation.
- Experience deploying apps within Splunk and administrating the Splunk platform.
- Experience with data normalization and data modelling within the Splunk environment.
- Experience in creating and managing Splunk DB connects Identities, Database connections, Database inputs, outputs, lookups, and access controls.
- Experience with regex.
- Knowledge of advanced search and reporting commands.
- Understanding of system log files and other structured and non-structured data.
- Understand methods of collection, logging, windows filtering, and tuning / baselining data
- Hands on experience with core security technologies such as security information and event monitoring systems (SIEM), network and host intrusion prevention and detection systems, proxies, vulnerability scanners, and anti-virus solutions
- Familiarity with the following, Kali Linux, Nessus, Qualys, Metasploit, Burp, Darktrace & CrowdStrike is an asset
- Traffic analysis knowledge (tcpdump/pcap/wireshark)
- Experience with intrusion detection system/intrusion prevention system (IDS/IPS) is an asset
- Recognized security certifications are an asset
SKILLS / ABILITIES
- Excellent research skills along with passion to keep abreast of latest security issue and trends
- Good judgment and independent decision making skills
- Process-oriented with originality and creativity in problem solving
- Self-motivated and enthusiastic team player
- Outstanding written and oral communication skills
- Ability to interface with broad range of people including IT, business personnel and vendors
- Detail oriented with strong analytical skills
At SE, we love what we do. Every day, we bring hope and happiness to clients, homes, and communities across Canada. We treat each person with dignity and love, like our own family; we build empathy; and we do the right thing. We are always inspired to make a difference. As a not-for-profit social enterprise, we share knowledge, provide the best care, and help each client to realize their most meaningful goals for health and wellbeing. We are an inclusive workplace offering competitive salary, group benefits, RRSP pension, and work life balance. We’re a great place to work, and we hope you’ll join our team.
Please note that due to the unprecedented circumstance of the Global Pandemic and the resultant public health crisis; and in the interest of the health and safety of our patients/clients, employees, and greater good of public health, SE Health requires those that wish to work for this organization to be fully vaccinated against COVID-19. Fully vaccinated means a person has received both doses of the COVID-19 vaccine and it has been 14 days since the last dose
SE Health is committed to the success of all its employees. If you feel you need accommodations because of illness or disability, please do not hesitate to contact Talent Acquisition Team at firstname.lastname@example.org at your earliest convenience.