Senior Cyber Security Analyst- - law firm
With Hays in Toronto - CAMore jobs from Hays
Posted on May 14, 2020
About this job
Job type: Full-time
Experience level: Senior
Role: Product Manager, System Administrator
security, sysadmin, project-management
Full Time Perm IT Security Analyst Job Toronto or Montreal Cyber Security Senior 5+ Years Security Experience
Your new company
Borden Ladner Gervais LLP (BLG), a leading, innovative and client-focused law firm in Canada, is seeking a: Senior Analyst, Cyber Security in either Toronto or Montreal office.
Your new role
The Senior Analyst, Cyber Security will be expected to communicate and provide feedback on IT Security operations and support the IT Security strategic plans, delivering on IT project initiatives while ensuring appropriate project milestones and objectives are being met. Lastly, the incumbent will assist with resolving complex issues for day to day operations as required.Your main responsibility includes:
- Work closely with business managers, external auditors, technical team members, architects and other senior team members to understand the Firm's requirements related to information systems security and regulatory compliance, and to map those requirements to security initiatives and projects.
- Develop, oversee and implement the Firm's information security policies, standards and guidelines.
- Oversee the continuous monitoring and protection of the IT infrastructure, IT systems and Firm information.
- Ensure unauthorized intrusions, access and tampering are prevented and that any such security incidents are quickly remediated.
- Serve as the Firm's focal point for security incident response planning and execution and lead the Computer Security Incident Response Team (CSIRT).
- Assist with and participate in the execution of Internal/External Audits, Risk Assessments and Risk Management and develop appropriate criteria needed to assess the level of compliance of new/existing applications and/or technology infrastructure with firm-wide security standards.
- Support the design, implementation, operation and maintenance of the Information Security Management System based on the ISO 27000 series standards, including certification against ISO 27001.
- Host, coordinate and participate in meetings with IT management, project teams and workgroups either in person, via video or telephone conference.
- Provide support for the IT Helpdesk for escalated security related work orders as required, ensuring that these work orders are completed within the service level agreements.
- Provide emergency after hours support as required.
- Proactively plan and deploy systems maintenance and security patches.
What you'll need to succeed
We are looking at a Senior level candidate with minimum 5 years of Cyber Security management experience. You have these in you:
- Information Systems Security qualifications such as CISSP, Ethical Hacking, CRISC, CISA, or CISM
- Experience in establishing, implementing, operating, monitoring, reviewing, maintaining and improving an Information Security Management System based on the ISO 27001 standards.
- Knowledge of L4-L7 protocols such as SSL, HTTP, DNS, SMTP and IPSec
- Expert knowledge with Next Generation Firewall, IDS/IPS solutions and Enterprise DLP solutions and core end point and network security products.
- Strong understanding of enterprise security technologies such as Security Machine Learning and Behavioral Analysis Systems, White Listing Applications Systems, Enterprise Privileged Account management platforms and SIEMs.
- Strong vendor management skills
- Understanding of information management and data classification
- Intermediate to expert virus protection and content filtering knowledge
- Knowledge of encryption techniques and PKI infrastructure
- Penetration Testing / Risk Assessment / Audit and Compliance knowledge
- Audits and security accreditation process experience
- Experience in ISO compliance support
- Understanding of incident investigations processes and reporting
- In-depth experience in:
- Vulnerability testing and penetration testing
- Developing information systems security practices as a people problem versus a technical problem
- Standards-based architecture with an understanding of how to get there, including compliance monitoring and enforce-ability
- Knowledge of network systems and security protocols
- Knowledge of security software programs and implementation
- Knowledge of best practices in developing security procedures and infrastructure
What you'll get in return
You will be working in the largest Canadian Law Firm with extensive responsibilities as a Senior Level Security staff, overseeing the firm on national scope. Your working environment is very flexible, professional and a prime working location at the heart of the city. The salary is competitive in the market with flexibility working from home 1-2 days a week.
What you need to do now
If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV , or call us now.
If this job isn't quite right for you but you are looking for a new position, please contact us for a confidential discussion on your career.