ORION is a not-for-profit organization dedicated to empowering Ontario researchers, educators and innovators. We foster a community of more than two million users at more than a hundred universities, colleges, hospitals and research institutions, as well as the majority of Ontario’s school boards. We enable ground-breaking discoveries and cutting-edge education by connecting institutions and regions through our network, facilitating collaboration, and providing our community with the digital tools and expert support they need to make the world a better place.
The successful applicant will have an opportunity to work with a dynamic team of professionals at a not-for-profit organization in the heart of downtown Toronto, and to interact with leaders in Ontario’s research, education and innovation sectors, including government.
As a member of the ORION engineering team, the Network Security Analyst is responsible for the security operational aspects of the Ontario Research and Innovation Optical Network (ORION). The individual will work as part of the team that is responsible for the Network Operations of the ORION network. ORION is a province-wide network utilized by researchers, educators, and scientists for research and education purposes.
The candidate for the position of Network Security Analyst is required to understand network protocols and system behaviors. This position is expected to operate in a Security Operations Center (SOC) environment, serving as the first point of contact for security-related incidents impacting the organization. Candidates must have relevant experience in IT security operations, especially in managing and developing managed security services, e.g. SOC, SIEM, and managed firewalls.
Responsibilities and Duties:
- Deploy, maintain and upgrade security systems (SIEM, Vulnerability Scanners, Logs Management, Identity and Access Management, etc.)
- Participate in developing security architectural frameworks and a reference model for our security infrastructure
- Participate in developing a Security Operations Centre. Activities will include security architecture, design and requirements, operationalization, maintenance, governance, and risk management
- Analyze security events and incidents to determine the root cause and apply the appropriate mitigation measures as outlined by the organization's Incident Response Plan
- Plan, implement and upgrade security measures and controls
- Triage and analysis of security events followed by prioritization and escalation of alerts that exceed the SOC threshold
- Define, implement and maintain corporate security policies, directives and procedures
- Conduct internal and external security audits
- Manage network devices, intrusion detection and prevention systems and VPN access
- Recommend and install appropriate IT Security tools and countermeasures
- Provide security awareness training to other organization users
- Coordinate security plans with third party vendors
Skills and Competencies:
- Windows, Unix and Linux Operating Systems
- TCP/IP, computer networking, routing and switching, firewalls, VPN
- Penetration testing of applications and infrastructure
- Hands-on experience investigating common types of attacks such as brute-force, phishing, DDoS and data exfiltration.
- Vulnerabilities and Information Risk assessments
- Good knowledge of IT Security Frameworks (NIST, ISF, ISO 27001, etc.)
- Forensics investigation and analysis of security incidents (how and why a security breach or a compromised system occurred)
- Good understanding of social engineering practices used by malicious actors
- Software programming and scripting practice
Desired Certifications and Education:
- Bachelor's degree or diploma in computer science or related fields
- Certified Information Systems Security Professional (CISSP)
- Certified Ethical Hacker (CEH)
- Other relevant certifications (CISA, CISM, ISO 27001 Lead Auditor, SABSA or similar) are an asset
- Knowledge of ITIL, NIST, and ISO best practices and process improvement
- A combination of studies, certifications and relevant experience would also be considered
Industry specific requirements:
- Three to five years of relevant experience in an operational IT Security environment such as SOC or CSIRT.
- In-depth knowledge of security event management, network security monitoring, log collection and correlation
Please apply to firstname.lastname@example.org