Cybersecurity Operations Analyst
Cybersecurity Operations Analyst
Trimac has a focus on sustainable, profitable growth and an acceptable return on capital for the future. A critical element will be the execution of our growth strategy in uncertain environments, increasing the need for professional strategy development and the need to improve our cyber security initiatives.
Trimac has a responsibility to protect the data and systems of its customers and vendors, and a fiduciary responsibility to protect the data of its employees.
This role reports to the Manager IT Infrastructure and interacts with the IT Infrastructure and Network teams, the IT Support team, and business stakeholders including Human Resources, Safety, and Operations departments.
- Security architecture, implementation of security tools and support over the entire product lifecycle including patch management; implementation and oversight of technology upgrades, improvements, and major changes to the information security environment
- Contribute to the design of vulnerability management plans
- Contribute to the managed security strategy and manage the technical aspects of implementing a security managed service provider suite of tools and services
- Contribute to the design of incident response plan
- Creation of security response runbooks to be used by the company and its managed service provider
- Contribute to the design of a risk management framework
- Development of security KPIs, and incident and vulnerability metrics
- Assist in the execution of a security awareness program that effectively manages the behavior of employees
- Contribute to the development of a security architecture strategy and work directly to implement elements of the strategy
- Provide direct input and guidance that leads to the updating and development of security policies and procedures
- Provide guidance on data privacy legislation and compliance and ensure appropriate controls and procedures are designed and operating to protect sensitive data
- Coordinate with selected vendors the execution of security assessments such as penetration testing.
- Make appropriate product and service recommendations to ensure the security infrastructure aligns with the company's needs
- Prioritize vulnerabilities based on risk assessment and execute remediation in coordination with the IT team tasks
- Continually assess current technology architecture for vulnerabilities, weaknesses and for possible upgrades or improvement; make risk-based recommendations and execute remediation tasks.
- Act as the representative for security topics between IT and business stakeholders
- A diligent tactician with strong technical skills, analytical ability, good judgment, and strong operational focus.
- A decisive individual who exhibits sound and accurate judgment and makes timely decisions.
- Identifies and resolves problems in a timely manner.
- Looks for ways to improve and promote safety and quality and is able to act on them.
- An intelligent and articulate individual who can relate to people at appropriate levels of an organization and possesses excellent communication skills.
- Strong negotiation skills.
- Proven ability to work with technical IT personnel to prepare execution plans, set expectations, monitor delegated activities, and hold people accountable.
- Effective communication skills across all layers of a large multi-national organization, including a proven ability to communicate complex topics in lay terms.
- Ability to prioritize many initiatives with a focus on both risk and business value.
- Ability to think critically and innovatively and operate within time, financial and resourcing constraints.
- Post-secondary accreditation in computer science, cyber security, networking, or closely related field. Relevant experience in lieu of formal education will be considered.
- One or more recognized cyber security professional certifications from a recognized institute, such as ISACA, SANS, ISC2
- PMP or related certification is a definite asset
- Minimum of three (3) years of experience as a cyber security operations analyst.
- Direct experience working with, implementing or managing security, network solutions, firewalls, network security, appliances, , IDPs, M365 & Azure tenant security configuration, public cloud security architecture, and configuration, including email filters, web filters, web application filters, EDR tools, SIEM services and related log monitoring processes.
- Experience detecting and remediating vulnerabilities for continuous improvement of security hygiene.
- Data analytics capabilities and data literacy proven with experience creating reporting, KPI and analytics solutions in any domain.
SAFETY IS OUR CORE VALUE
- We make Safety a part of every decision.
- We make Safety personal.
- We have the courage to intervene.
Job Reference #: 151305