Description:
As a Senior Information Security Analyst, you will work with the Information Security and technology teams to effectively drive security posture improvements and apply risk management strategies to business technologies, digital security, and processes. You will also support daily security operations with auditing, securing, identifying, and remediating incidents within the Avenue Living’s business and portfolio. You will be responsible for the implementation of protection systems, controls, and awareness across the different Avenue Living businesses with a focus on SaaS and application security.
WHAT WILL YOU DO?
- Recommend and implement protection services and policy to reduce risks related to business SaaS services and custom developed applications.
- Identify and lead improvements in threat detection, protection, and remediation services.
- Establish security baselines for technologies, business services, and infrastructure.
- Lead, mentor, and participate with security operations (SOC) to identify and remediate cybersecurity threats.
- Participate in vulnerability audits, reviews, penetration testing, and assessments.
- Review and support cybersecurity on-premises and cloud infrastructure and software.
- Recommend and assist in implementing security policies and procedures.
- Plan and implement data security standards and frameworks.
- Focus on investigating and remediating specific cybersecurity problems.
- Respond to critical cybersecurity incidents including afterhours.
WHAT WILL YOU NEED?
- Minimum of 10 - 15 years of information technology experience, a post-secondary degree, and/or relevant certifications.
- 5 - 10 years of experience working as an information security analyst with documented senior technical responsibilities, achievements and experience working on the red team.
- Experience in protecting and identifying vulnerabilities in custom developed applications including utilizing a secure software development lifecycle.
- Experience with secure application development and principles.
- Experience with SaaS protection solutions, Azure cloud infrastructure, and code vulnerability scanning.
- Familiarity working with Microsoft and Check Point security tools.
- Knowledge of networking, public cloud computing, and programming/scripting.
- Ability to adapt and scale to changing priorities and risk factors.
- Knowledge of PCI and data security standards.
- Currently holding senior cybersecurity, application security, and/or data privacy certifications, certifications may include:
- Certified Information Systems Security Professional (CISSP)
- Certified Information Security Manager (CISM)
- Certified Cloud Security Professional (CCSP)
- Systems Security Certified Practitioner (SSCP)