This recruiter is online.

This is your chance to shine!

Apply Now

Intermediate Information Security Analyst to conduct risk assessments and penetration tests for internal and external investigations

Vancouver, BC
  • Number of positions available : 1

  • To be discussed
  • Permanent job

  • Starting date : 1 position to fill as soon as possible

Our client is looking for an Intermediate Information Security Analyst to conduct risk assessments and penetration tests for internal and external investigations


Permanent position; Hybrid model (2 days/week), North Vancouver


Must Haves:

  • 4-5 years as a Security Analyst with hands on experience in pen testing
  • Experience with risk assessment
  • Understanding of security frameworks and experience assessing against framework such as ISO 27001 or NIST


Nice to Haves:

  • The ISO/IEC 27000 framework for building Information Security Management Systems.
  • BC’s Freedom of Information and Protection of Privacy Act (FIPPA); and e-Discovery and Legal Hold trends and legislation.
  • Familiarity with SOC and SIEM tools.
  • Familiarity with third party audit reports such as SSAE 16, SOC 2.


Responsibilities:

  • Gathering electronic evidence to support investigations, including extracting and interpreting systems log files and conducting computer forensics and mobile device forensics.
  • Analyzing threats and assessing information security exposures to information and information technology systems.
  • Performing regular pen tests and security tests on the client's Systems, as well as engaging third parties to perform regular pen tests
  • Developing electronic investigation processes and procedures.
  • Developing proactive monitoring rules, triaging alerts, and handling incidents.
  • Recommending, creating, and updating corporate principles, policies, standards, and procedures related to information security.
  • Consulting on corporate and divisional projects as an Information Security Lead, identifying information security risks, communicating with the business owners to establish impact, recommending treatment plans to remain within business risk tolerance, and tracking treatment plans through implementation;
  • Collect information security metrics to monitor and enhance the information security program
  • Work closely with non-technical stakeholders on the interpretation of electronic evidence and the creation and tuning of monitoring alerts.


Apply

Requirements

Level of education

undetermined

Work experience (years)

undetermined

Written languages

undetermined

Spoken languages

undetermined