Onico Solutions

Exceptional IT Staffing

Security Analyst (Threat Analysis/Palo Alto)

The Security Analyst (Threat Analysis/Palo Alto) is responsible for the identification, investigation and resolution of security events; as well as for conducting vulnerability audits and taking timely action to remediate findings. The Security Analyst (Threat Analysis/Palo Alto) is involved in the design, configuration and implementation of security solutions. They are also accountable for the creation and maintenance of standards, baselines, guidelines and procedures. The Security Analyst is expected to be fully aware of the enterprise’s security goals as established by its stated policies, procedures and guidelines and to actively work towards upholding and further developing those goals to improve the Information Security maturity level.

 JOB ACCOUNTABILITIES:

  • Work with Managed Security Services Providers (MSSP’s) to manage the security configuration and operation of managed security technologies; respond in a timely matter to escalated security incidents and work with external and/or internal stakeholders to provide timely resolution.
  • Review (and/or oversee the monitoring of) logs and reports of existing systems; interpret the implications of identified activity and devise plans for appropriate resolution.
  • Work with a managed security training provider to deliver on-going security awareness initiatives.
  • Participate in the design and execution of vulnerability assessments, penetration tests, security audits, and remediation of identified vulnerabilities.
  • Participate in the planning and design of enterprise security architecture; maintain and improve configurations of security solutions for efficient and appropriate operations.
  • Participate in the creation of enterprise Information Security documents (policies, standards, baselines, guidelines and procedures).
  • Compile metrics related to the Information Security program, analyze threat trending and develop a mitigation strategy to minimize identified risks.
  • Participate in the planning and design of an enterprise Business Continuity Plan and Disaster Recovery Plan
  • Maintain up-to-date detailed knowledge of the Information Security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.
  • Recommend new security solutions or enhancements to existing security solutions to improve overall enterprise security posture
  • Participate in the deployment, integration and security configuration of new IT solutions and of any enhancements to existing IT solutions in accordance with standard best operating procedures and the enterprise’s security standards.
  • Maintain up-to-date baselines for the secure configuration and operations of IT systems, whether they be under direct control (i.e., security tools) or not (i.e., workstations, servers, network devices, etc.).

SCOPE OF RESPONSIBILITY:

  • Identification, investigation and resolution of security events
  • Design, configuration and implementation of security solutions.
  • Supporting security audits and managing the remediation of identified vulnerabilities.
  • Creation and maintenance of standards, baselines, guidelines and procedures.
  • Taking adequate and timely action to enhance the security posture of the organization
  • This position is expected to perform with minimal supervision.

EDUCATION AND EXPERIENCE REQUIREMENTS:

  • Post-secondary education in Computer Science or equivalent combination of education and experience that satisfy the requirements of the position.
  • Minimum 5 years of progressive responsibilities in managing security systems, Incident Response, Risk Assessments, Vulnerability Management, User awareness training, etc.
  • CISSP is a strong asset

CORE COMPETENCIES AND SKILLS:

  • Working knowledge of variety of security technologies in areas of: CyberArk, End Point Protection, IPS/IDS, Malware Protection (Network), SIEM, Digital Certificates, Patch Management, URL filtering, Identity and Access management (IAM), etc.
  • Minimum 4 years hands on experience managing/supporting/configuring Palo Alto firewalls
  • Strong understanding of TCP/IP, IPSEC, SSL/TLS and other network and encryption protocols.
  • Strong understanding of all currently supported Windows operating systems; knowledge of Linux distributions is an asset
  • Proven analytical and problem-solving abilities.
  • Ability to effectively prioritize and execute tasks in a high-pressure environment.
  • Excellent written, oral, and interpersonal communication skills.
  • Proven ability to conduct research into Information Security issues and security products as required.
  • Proven ability to present ideas in business-friendly and user-friendly language.
  • Highly self-motivated; able to work with minimal supervision.
  • Keen attention to detail.
  • Team-oriented and skilled in working within a collaborative environment. 

This a permanent position located in Toronto, ON with an annual salary of $90,000.00 – $100,000.00 plus bonus.  The successful candidate will have strong experience with Palo Alto firewalls.