Intermediate Cybersecurity Analyst

Working with ISM will work wonders for your career!

The Intermediate Cybersecurity Analyst is part of ISM’s growing Security practice that is tasked with continually improving measures to prevent and limit the impact of a potential cyber incident for both ourselves and our customers. The Intermediate Cybersecurity Analyst will assist with and coordinate the investigation, containment and eradication of security events and threat detections as well as identifying and remediating vulnerabilities and developing or maintaining processes that will help prevent security incidents from occurring for both our internal and customers’ environments.

Responsibilities:

• Monitoring and analyzing security alerts of potential malicious activity of escalating complexity detected by security systems (SIEM, IDS/IPS etc), determine severity, impact and assisting with remediation efforts, where required
• Assisting with the remediation of vulnerabilities and identifying additional measures to protect IT environments
• Participating in Threat and Risk Assessments
• Participating in security incident investigations
• Contributing to Security Education programming and communication
• Reviewing and approving changes that may have an impact on the confidentiality, integrity or availability of systems/applications
• Monitor and manage Microsoft Purview security features, including Data Loss Prevention (DLP), Information Protection, and Insider Risk Management, to safeguard sensitive data across organizational systems
• Implementing and maintaining data classification, sensitivity labeling, and encryption policies to protect critical information within and beyond the organization
• Analyzing audit logs, investigating insider risks, and supporting eDiscovery processes to ensure compliance with regulatory standards and organizational policies
• Collaborating with cross-functional teams to identify and mitigate security risks, enhance endpoint protection, and enforce Zero Trust principles in data governance
• Participating in the selection, implementation, maintenance and configuration of security technology and tooling
• Maintaining and sharing expertise in the area of Cybersecurity including industry trends, strategies, technical controls, tooling, vulnerabilities and threats to ensure internal and customer assets are effectively and appropriately secured against current and future threats
• Participating in the development of information risk and cybersecurity policies/standards
• Developing and implementing security controls and mapping against security frameworks
• Assisting with implementing security frameworks to measure, monitor and manage security posture
• Assisting with and coordinating the management of Endpoint security (e.g. AV, HIPS, Firewall, encryption, DLP, etc)
• Coordinating security analysis, design and planning phases of IT related projects
• Providing recommendations internally and to customers for containment and eradication of threats and/or overall security posture and practices
• Other activities and deliverables as assigned

Qualifications:

• University Degree, or diploma from a two-year program in Computer Science/Engineering, or an equivalent combination of education, experience and training, plus 5-7 years experience in IT.
• 3 to 5 years of professional-level experience with Cybersecurity processes and related tooling, including demonstrated experience monitoring and resolving security incidents/threats.
• Demonstrated knowledge at an intermediate level of Security and IT environments, tooling, methodologies, standards, and best practices: (e.g. ITIL, ISO 27001/270002, NIST, ITSG-33 etc.)
• Progressive experience in the following:
• analyzing and correlating data to identify potential attacks, patterns of attacks, security violations, incidents, and malicious activity.
• evaluating security trends, evolving threats, risks, and vulnerabilities and implementing corrective action
• Developing and coordinating end user security awareness programs
• Maintaining security documentation and documenting incident handling processes as run books
• Excellent organizational skills with a demonstrated ability to set and achieve more than one concurrent objective reliably.
• Excellent analytical and problem-solving skills.
• Demonstrated ability and experience implementing new techniques, products and systems.
• Strong interpersonal skills (communication, teamwork etc.) including a mature and professional attitude demonstrated to clients and employees.
• At least one complex security certification (e.g. CISSP, CISM)
• Skills and abilities acceptable to the client

Key Skills & Abilities:

• Demonstrated knowledge and experience using Microsoft Purview
• Demonstrated ability to monitor and manage Microsoft Purview security features, including Data Loss Prevention (DLP), Information Protection, and Insider Risk Management, to safeguard sensitive data across organizational systems.
• Demonstrated ability to implement and maintain data classification, sensitivity labeling, and encryption policies to protect critical information within and beyond the organization.
• Demonstrated ability to analyze audit logs, investigate insider risks, and support eDiscovery processes to ensure compliance with regulatory standards and organizational policies.
• Demonstrated ability to collaborate with cross-functional teams to identify and mitigate security risks, enhance endpoint protection, and enforce Zero Trust principles in data governance.
• Preferred certifications include Microsoft Certified: Security, Compliance, and Identity Fundamentals (SC-900) or Microsoft Certified: Information Protection Administrator Associate (SC-400).

To view the full job description and submit your application, visit the ISM Careers Portal: https://www.ismcanada.com/careers