Security Operations Analyst/2-3 yrs/Toronto

For one of the top airlines in Toronto. Mail resume to recruit3 @liveassets.ca

Collaborating with the Manager, Technology Operations, the Technology Security Operations Analyst is primarily responsible for the implementation, maintenance and monitoring of the security related components and aspects of the corporate infrastructure and software systems. This is to be performed in accordance with certification, compliance and security procedures based upon regulatory and corporate standards and policies. In addition, the Technology Security Operations Analyst is responsible for working with the Technology System Operations Analysts and IT support team to maintain the daily operations, performance, availability and reliability of the enterprise infrastructure and all critical systems.

Duties and responsibilities:

• You will work closely and cooperatively with all Technology department teams to ensure effective application and alignment to the corporate security policies and procedures under all circumstances
• Maintain current knowledge of industry, governmental and corporate certifications, standards and policies
• Respond to security incidents and report on the impact and remediation steps to management
• You will work with Technology Operations and IT Support Team to implement remediation plan and ensure compliance
• Participates in PCI-DSS and 52-109 projects as a technology resource
• You will assist with the maintaining, remediation for 52-109 certification requirements and participate with the audit process as requested by the Manager, Technology Operations
• Maintain, remediate PCI-DSS certification requirements and participate with the audit process
• Accurately lead and audit access to resources, including domain, system, application and network
• Implement and maintain LAN/WLAN and WAN network security policies, procedures and control mechanisms to be adhered to by the Operations and Support teams while performing exception reporting analysis
• Handle WAN and LAN port accessibility and configurations
• Lead internal and external security audits and vulnerability testing of all security procedures on a periodic basis and provide recommendations on required adjustments and modifications
• Implement and maintain systems and controls to monitor all technology systems for unusual behavior or breaches
• Respond to security incidents and report on the impact and remediation steps to management
• Develop and maintain all remote network access facilities (VPN, RDP,SSL etc.) policies, procedures and control mechanisms and perform routine audit and exception reporting
• Participate in and lead the coordination of the local and co-managed firewall installation and configuration
• Develop and maintain internet access filtering policies and work with the IT Support team to implement and maintain the internet access filtering and controls
• Develop and maintain email content filtering policies and work with the IT Support team to implement and maintain email content filtering and controls
• Work with the IT Support team to implement and maintain corporate anti-virus and spam filtering coverage
• Participate in the scheduling of all security patches on corporate servers and network related equipment
• Participate in the development of infrastructure, application systems and network security policies
• Participate in the development of mobility device and network security policies
• Maintain all SSL certificates
• Maintain accurate documentation and schematics of all security flow processes at the system, application accessibility and infrastructure levels
• Actively participate in Porter’s Safety Management System (SMS) including, reporting hazards and incidents encountered in daily operations; understand, comply and promote the Company Safety Guidelines
• Participate in after hours, on call rotation.
• Any other duties as assigned

Qualifications:

• Bachelor or Master’s Degree in Computer Science or equivalent experience
• Experience with anti-virus management console and vulnerability scanning tools
• Certification in information security disciplines is a definite asset
• Penetration Testing experience is a definite asset
• Amazon Web Services experience is a definite asset
• Experience with Configuration Management Tools such as Puppet or Chef is a definite asset
• Technical experience/exposure of 1 year
• Highly motivated and willing to take initiative
• Excellent analytical skills
• Ability to work in a team environment or individually as required
• Ability to travel when required (including travel to US destinations)
• Availability to work off hours (including evenings, weekends and holidays) if necessary
• Advanced knowledge of Microsoft server concepts and processes
• Solid knowledge of networking concepts and technologies
• Strong knowledge of network security concepts and tools
• Advanced knowledge of LAN security technologies
• Solid understanding of PCI/DSS and 52-109 regulations and other regulatory requirements
• Advanced knowledge of Windows operating systems (beginning with XP) and MS office suite 2007
• Advanced knowledge of networking protocols/principles (i.e. TCP, IP, VPN)
• Advanced knowledge of wireless protocols including 802.11 B,G & N and all encryption methods
• Solid knowledge of cellular technologies
• Excellent knowledge of MS-Active Directory
• Advanced knowledge of remote access features

“We are an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.”