Security Analyst – Information Security

Job title: Security Analyst – Information Security

Job description: INDEPENDENT ELECTRICITY SYSTEM OPERATOR

Specialist Information Analyst

Location of Position: Mississauga

Specialist Information Analyst will report to the Senior Manager Cyber Intelligence Operations and Governance

The IESO provides essential electricity services to the people of Ontario – ensuring there is enough power to meet the province’s energy needs in real time while planning and securing energy for the future. It also works with its partners to guide the province’s conservation efforts. Ontario’s power system is changing and the IESO is changing along with it. Its employees are developing new skills in order to embrace the opportunities of this evolving, multi-faceted industry.

It takes a network of professionals to plan and operate the power grid. The Independent Electricity System Operator (IESO) manages Ontario’s power system, meeting Ontario’s needs in real-time and by planning for the future. The IESO’s unique, challenging work environment attracts diverse, highly-educated professionals from engineering, business, finance, economics, information technology, law and social sciences. Follow the IESO to learn more about us and the people who work here. Explore the Careers page to hear from current employees and discover opportunities to be part of an energized, leading-edge team with excellent opportunities for growth and development.

Job Function:

Coordinate, plan and/or organize the response to a detected cybersecurity issue within the IESO and the Ontario electricity industry. This function will work with the Security Operations, Security Architecture, Security Technology, Access Management and Threat/Vulnerabiity and Risk Teams and our security providers including our government security partners. This function is the first point of technical contact in the organization around cyber security operations. This is a critical role in the identification of cyber incidents.

Job Responsibilities: * Oversee/monitor access logs and privileges.

• Contribute to the development of Information Security standards and procedures for business units consistent with corporate security objectives and generally accepted and leading edge Information Security practices and professional security standards and in coordination with IT Process Development Leaders and the Senior Manager, Information Security.
• Support the delivery of the Security Operations and Technology programs for applications, tools, anti-virus, encryption and fire walls, implementation support, identification of system vulnerabilities, User and Entity Behaviour Analysis, system assessments, Information Security advice and consultation, business resumption planning and disaster recovery planning.
• Provide input to supervision on all areas of Information Security.
• Contribute to the development/delivery of awareness training and general Information Security education.
• Provide strategic, operational, and technical insight to ensure the IESO Security program is adequately prepared to detect current and future threats
• Review and modify, in conjunction with the Threat/Risk and Governance Teams, the security technology rules and filters to better detect and prevent security incidents. As part of this change, formal review and documentation of the change will need to take place to prevent outages or detrimental system impact
• Create and Implement the automation routines and information collection and identification tools for security correlation purposes
• The identification and formal review of redundant monitoring tasks, redundant security event analysis or data duplication on collection tasks to streamline and free up system resources. Where “Reduction” occurs documentation will need to be developed explaining the proposed solution
• Monitor and ensure Service Provider is empowered to review the security data feeds among the various servers, applications and networks within relevant processes
• Document and review with other SOC analysts at the Service Provider the interactions of the filters, rules and matching routines and security applications within the deployed security technologies.
• Assist, through strong documentation and communications skills, the Service Provider SOC analysts in explaining the solutions that were developed, designed and implemented to security operations and non-security operations personnel
• Keep up-to-date on the latest security information pertaining to the SOC technology in order to validate the security capabilities of the SOC
• Keep up-to-date on the vulnerability of appliances, servers, OS, application, etc. of the SOC
• Installation, operation and management of approved security tools and applications to provide security information, security event relationship and security event analytical tools for the SOC analysts
• Participate in improvement efforts to gather, analyze, and define security operations and information security requirements for a variety of threat and vulnerability management issues
• May be asked to perform product evaluations and recommendations. The analyst may be asked to choose security products and services to implement, and plan the implementation based on industry best-practices or procedures in relationship to the SOC
• Develop, document, and present general and technical presentations
• First point of contact from Service provider during business hours.
• Provide leadership and insight for the security monitoring and security incident investigation and response personnel
• Will have access/handle confidentiality issues, requiring high level of trust and integrity.
• Perform other duties/tasks/projects as required or assigned.

Selection Criteria:

Education:

• Requires a sound knowledge of computer science, information technology and telecommunications systems.
• Good written and oral communication skills, in order to deal with end-users, review/input on procedures, standards and/or methods; and design/deliver training.
• This knowledge is considered to be normally acquired either through the successful completion of a university degree in the area of Computer Science or related discipline or equivalent.

Experience:

• Requires experience coordinating/analyzing enterprise security systems, or components of the security program, on a diverse set of computing platforms, operating systems and applications, especially Windows NT and UNIX.
• Experience with networking products, large package and systems implementation. Previous experience as part of a large multi-disciplined project, and with systems vendors, which requires having sound project management skills.
• A period of over 4 years, up to and including 6 years is considered necessary to gain this experience.

Core Competencies:

• Functional/Technical Skills
• Customer Focus
• Approachability
• Problem Solving
• Action Oriented
• Learning on the Fly
• Informing
• Self-Development

What the IESO Offers:

• Competitive market wages
• Comprehensive benefit programs
• Programs and policies to support a balanced lifestyle
• A challenging fast-paced team environment
• Opportunity to work with some of the brightest people in the industry

While we appreciate your submissions, we regret that we can only contact those candidates selected for interviews.

We thank all candidates for their interest in opportunities with the IESO. Be sure to follow us on .

The IESO is an equal opportunity employer.

Please note the successful candidate must be eligible to work in Canada and will be subject to a background check.

Company: IESO

Expected salary:

Location: Mississauga, ON

Job date: Sat, 02 Oct 2021 02:22:21 GMT

Job Source: Careerjet.ca

Click Here to Apply