Information Security Analyst

Posted 1 year ago

Information Security Analyst – JO-2604

Anticipated Duration: 18 months

Project Location: Toronto, Ontario

You are an information security professional with analytic capabilities as well as an ordered and structured approach to problem solving. You are pragmatic and ensure that we enable business to continue. Where theoretical knowledge helps you, it is backed up by practical skills learned. You understand and have experience in many technology areas covering IT environment.

Description of Duties / Scope of Work

  • Monitor, identify and analyze events to ensure threats are reported and actioned
  • Familiar with current and emerging threats, threat intelligence
  • Perform operational security assessments with current and future solution to ensure projects and service deliveries meet the defined cyber security controls
  • Actively contributing to identifying, managing and reducing cyber security risks
  • Perform, analyze findings and provide advice for remediation on vulnerability assessments
  • Perform, analyze findings and provide advice for remediation on web application assessments
  • Other duties as assigned

Mandatory Skills / Certification

We believe you have experience in all areas listed below:

  • Security vulnerability assessment on infrastructure and web application
  • Web application security concepts and implementation
  • Information security operational assessment, process, procedure

Sound knowledge of areas directly related to the duties and responsibilities specified above:

  • Experience in IT controls and information security standards such as ISO27002, NIST, SANS, ITIL frameworks
  • Thorough understanding of fundamental security controls and network concepts (IPS/IDS, Firewall, WAF, Load Balancer)
  • Experience with threat assessments, vulnerability analysis, information gathering, correlating and reporting
  • Hands-on experience with the following: Vulnerability and Patch Management, Endpoint Security, Antivirus/Malware, Firewall management, SIEM
  • Understanding of the following technologies Linux, Windows, AIX, Databases, web or cloud based applications, technologies and data encryption (at rest, in transit)
  • Excellent communication skills (both verbal and written) is a must have, as well as professionalism and respect for confidentiality
  • An ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily-understood manner
  • Self-motivated; proactive in thought and planning. Eagerly assumes responsibility for things that need to be done, including following up with team members and leadership on outstanding items
  • Strong organization, prioritization and rationalization skills
  • Strong interpersonal skills and the ability to work as part of a team


  • A completed University Degree or College Diploma in a related discipline and related work experience, or a combination of education, training and experience deemed to be equivalent

Other Skills / Certification

  • IT security certification – CISSP/GSEC/CompTIA Security+/SSCP certification is an asset


  • Security Control Assessments
  • Vulnerability assessments
  • Web application testing
  • Operational Security
  • Other duties as assigned

Job URL:


Apply Online