The Information Security Operations Engineer is responsible for two core functions within the Information Security Core Team. The first is the management of HOOPP’s security solutions, while the second is the identification, investigation and resolution of security events. Tasks will include involvement in the implementation of new security solutions, participation in the creation and/or maintenance of policies, standards, baselines, guidelines and procedures, as well as conducting vulnerability audits and assessments. The Information Security Operations Analyst is expected to be fully aware of the enterprise’s security goals as established by its stated policies, procedures and guidelines and to actively work towards upholding those goals.
A successful candidate will have excellent interpersonal skills and strong technical and security operations experience; he or she is expected to interface with peers and other leaders across IT&FS to solicit their involvement in achieving higher levels of security through information sharing and co-operation.
Strategy & Planning
- Participate in the planning and design of enterprise security architecture, under the direction of the Information Security Director.
- Participate in the creation of enterprise security documents (i.e., policies, standards, baselines, guidelines and procedures).
Acquisition & Deployment
- Maintain up-to-date detailed knowledge of the information security industry, including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.
- Recommend additional security solutions or enhancements to existing security solutions to improve overall enterprise security.
- Perform the deployment, integration and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise’s security documents specifically.
- Maintain up-to-date baselines for the secure configuration and operations of all in-place devices (i.e., security tools, workstations, servers, network devices, etc.).
- Maintain operational configurations of security solutions as per the established baselines.
- Monitor security solutions for efficient and appropriate operations.
- Review logs and reports of devices (i.e., security tools, workstations, servers, network devices, etc.).
- Participate in investigations into problematic activity.
- Participate in the design and execution of vulnerability assessments, penetration tests and security audits.
- Provide on-call support for security event reporting when needed.
Formal Education & Certification
- College diploma or university degree in the field of computer science.
- 5+ years of experience in information security.
- One or more of the following certifications:
  - ISC2 Certified Information Security Professional (CISSP)
  - ISC2 Certified Cloud Security Professional (CCSP)
  - ISACA Certified Information Security Auditor (CISA)
  - ISC2 Systems Security Certified Practitioner (SSCP)
- Good understanding of cloud security principles relating to IaaS/PaaS/SaaS, and a background in working within enterprise cloud environments such as Azure, AWS, etc.
- Strong background in the identification and remediation of security vulnerabilities.
- Deep understanding of technological concepts such as IT architecture, cloud technologies, applications, network infrastructure.
- Strong understanding of security best practices with regards to operating systems, network appliances, and databases.
- Experience with Agile including Scrum is strongly preferred.
Knowledge & Experience
- Extensive experience with security tools native to cloud environments such as AWS & Azure (i.e. Microsoft Security Centre), Secure email gateways, Advanced Endpoint Protection, Next Gen Firewalls/Application Firewalls, Vulnerability Scanning tools, IPS/IDS, SIEM, DLP/CASB, Multi-factor Authentication, and Secrets Management.
- Strong understanding of IP, TCP/IP, and other network administration protocols.
- Strong understanding of operating systems, databases, Exchange, Active Directory.
- Proven analytical and problem-solving abilities.
- Ability to effectively prioritize and execute tasks in a high-pressure environment.
- Good written, oral, and interpersonal communication skills.
- Communicate effectively with customers, teammates, and management.
- Ability to conduct research into IT security issues and products as required.
- Ability to present ideas in business-friendly and user-friendly language.
- Highly self-motivated and directed.
- Keen attention to detail.
- Team-oriented and skilled in working within a collaborative environment.
- Ability to learn different skills outside of their domain of expertise.
- Ability to work independently and take initiative.
- Ability to balance value in delivery against standard practices and processes.
- Ability to think “big picture” for architecture and develop long-term solutions.
- Willingness to learn and work in a multidisciplinary team.