Information Security Administrator (12 Month Contract)
Morguard
Mississauga, ON, Canada
Apply to this Job

Reporting to the Manager Information Security and Digital Risk, the Information Security Administrator will be responsible for a broad range of tasks, including the day-to-day administration of information security tools and devices, as well as first-level and second-level support for security information and event management (SIEM).

In this role, you will get an opportunity to monitor the threats to Morguard’s valuable information from threat actors as well as to recommend defense systems against those threats.

DUTIES AND RESPONSIBILITIES

Security Event Management

  • Respond to and where necessary, resolve or escalate reported security incidents.
  • Monitor system logs, SIEM tools and network traffic for unusual or suspicious activity. Interpret such activity and make recommendations for resolution.
  • Investigate and resolve security violations by providing postmortem analysis to illuminate the issues and possible solutions.
  • Documents incident details, investigation, prioritization, business impact and root cause analysis.

Threat and Vulnerability Management

  • Research threats and vulnerabilities and, where appropriate, take action to mitigate threats and remediate vulnerabilities.
  • Ensure vulnerability scans of IT Infrastructure is performed on an ongoing basis, review the results of scans, work with Infrastructure teams to ensure vulnerabilities are remediated as per Morguard’s vulnerability management policy.
  • Monitor security vulnerability information from vendors and third parties.

Information Security Reports

  • Responsible for generating Monthly and Quarterly management reports to evaluate the efficacy of the security policies in place.
  • Suggests necessary changes to security policies for a more secure information system.

Vendor Risk Management

  • Helps in assessing current and potential vendors, new services and new technologies from a technical security and information risk management perspective.
  • Helps to verify the applicable security control practices of third-party vendors by collaborating with Morguard team leads and vendor representatives to meet Morguard’s security policy requirements.

End User security awareness

  • Helps to promote awareness of Information Security standards and policies among IT teams and business users of Morguard.
  • Helps to create training programs and modules to educate employees and users on proper security protocols.

Any other job-related duties and/or projects that may be assigned.

Education, Skills, Knowledge and Experience

  • Bachelor’s degree in Computer Science or a related field.
  • Holds industry recognized information security certification such as CISSP or actively working on achieving such certification.
  • Detail oriented, organized and self-motivated.
  • Passionate about Cyber Security and willing to keep up to date with the latest trends in Cyber Security.
  • Working knowledge of security controls, security monitoring technologies, malware detection technologies, network security, operating systems, access and identity management, application security, penetration testing, vulnerability management and security incident response.
  • Previous experience using a SIEM such as ArcSight, Splunk, Q-Radar, McAfee Enterprise Security Manager (ESM), SolarWinds, etc.
  • Very good understanding of Microsoft Active Directory, IIS, SharePoint especially as related to role-based access management.
  • Understanding of Cloud Computing and its use in relation to enterprise software, Microsoft Azure, Office 365, Exchange Online, Intune etc.
  • Basic knowledge of Common IT and Network security concepts including TCP/IP, routing, switching, firewalls, server management, web proxies, access control and authentication, network protocols, network and systems design.
  • 2+ years of experience as a Security Analyst, in the field of Information Security and Information Risk Management in addition to Security Incident Management.
  • 2+ years of experience securing on-premise applications as well as applications within cloud platforms.

Core Competencies

  • Strong analytic and problem-solving skills. A hands-on and can-do attitude, with strict attention to detail.
  • Ability to work independently and collaboratively.
  • Ability to prioritize and meet tight deadlines.
  • Solid understanding of Microsoft Operating Systems including Servers and End user computing devices, network infrastructure (encryption, security, firewalls, etc.).
  • Experience with security tools such as SIEM, Vulnerability Scanners, Microsoft Security and Compliance, Advanced Threat Protection technologies is required.



AGENCY NOTICE: Please note that Morguard does not accept unsolicited resumes from recruiters or employment agencies. In the absence of a signed Services Agreement with agency/recruiter, Morguard will not consider or agree to payment of any referral compensation or recruiter fee. In the event a recruiter or agency submits a resume or candidate without a previously signed agreement and advanced solicited services from a Morguard employee, Morguard explicitly reserves the right to pursue and hire those candidate(s) without any financial obligation to the recruiter or agency.

We are committed to providing accessible employment practices that are in compliance with the Accessibility for Ontarians with Disabilities Act (AODA). If you require accommodation during any stage of the recruitment process, please notify Human Resources at careers@morguard.com or (905) 281-3800. 

 

Apply to this Job