Junior Security Operations Analyst
Finning International Inc.
Calgary, AB
With a reporting line to the Security Operations Manager, the Junior Security Operations Analyst will be supporting the global security operations team responsible for improving the security posture of all Finning regions with regards to: governance policy compliance, firewall policy management, vulnerability management, SIEM alert management, email hygiene, anti-virus management and incident response.

The ideal candidate for this position is a thought leader, problem solver and integrator of people and processes, as well as an effective internal consultant.

Job Description:
Major Job Functions:
Firewall policy management (10%) including annual policy review, reviewing planned and ad-hoc policy rules changes, review IPS policy rules and onboarding new firewalls
Vulnerability management (15%) including asset scans and mapping, producing vulnerability and compliance reports and collaborating on vulnerability remediation activities
SIEM alert management (20%)%) including identifying log parsing errors, collaborating on remediation activities, review/action of alerts and collaborate on alert optimization
Email hygiene and anti-virus management (15%) including investigate/respond to alerts and system monitoring
Incident response (40%) including reviewing logs, and collaborating to prevent/isolate traffic, solution development and threat analysis

Education & Experience:
Obtained or working towards Bachelor’s degree in Computer Sciences or equivalent experience
Obtained or working towards one of: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control, Certified Ethical Hacker, Global Information Assurance Certification (GIAC)
One to two years of experience in IT security management or a related discipline (for example, risk, privacy, business continuity management or compliance).

Awareness of a broad range of standards and frameworks — for example, International Standards Organization (ISO) 27001, IT Infrastructure Library (ITIL), Payment Card Industry - Data Security Standard (PCI DSS), Bill-198, Personal Information Protection and Electronics Documents Act (PIPEDA)
Awareness of common risk management methodologies — for example, Control Objectives for Information and Related Technology (COBIT5)
Understanding of strategic business risks
Awareness of social engineering, penetration testing, vulnerability risk assessments, cloud computing

Specific Skills:
Proven ability to communicate with peers
Excellent written and verbal communication skills and strong interpersonal and collaborative skills
High level of personal integrity, with the ability to handle confidential and otherwise sensitive matters professionally and with the appropriate level of judgment and maturity
High degree of initiative, dependability and ability to work with little supervision
Ability to establish and maintain harmonious working relationships with co-workers and to work effectively in a professional team environment.
Spanish is an asset, not mandatory
Awareness of Identity and access management (IAM) solutions
Awareness of content filtering, firewall monitoring, IDS/IPS systems, SIEM tools, vulnerability scanners, and cyber security techniques

W e are committed to diversity at Finning, to building and sustaining a diverse and inclusive workforce and as an equal opportunity employer we encourage applications from all qualified individuals. Finning does not discriminate against applicants based on genders, races, national and ethnic origins, religions, ages, sexual orientation, marital and family status, and/or mental or physical disabilities.