Position: IT Security Analyst- Cloud
Position Type: Fulltime, permanent
Location: Toronto, ON
Division: Business Technology
Postmedia is a Canadian newsmedia company representing more than 125 brands across multiple print, online and mobile platforms. Award-winning journalists and innovative product development teams bring engaging content to millions of people every week whenever and wherever they want it.
This exceptional content, reach and scope offers advertisers and marketers compelling solutions to effectively reach target audiences. We are always on the lookout for talented individuals to join our team.
IT Security Analyst performs day-today operations of the current security solutions as well as identification, investigation, and review of security controls for the company’s products and solutions. Environment includes GCP and AWS, the IT Security Analyst is fluent in the technologies and controls, guides and monitors these solutions. The IT Security Analyst must consider security, audit, and compliance requirements, as well as participate in the audit and compliance activities as required.
What you’ll do:
- Collaborate with DevOps teams in monitoring cloud bases networks and systems for security issues, review penetration tests, security audits and any security issues or breaches.
- Participate in the implementation of new security solutions, policies, standards, baselines guidelines and procedures to support those as established by Postmedia’s security goals and to actively work towards upholding those goals.
- Conduct cloud/web application risk and vulnerability audits and assessments and participate in investigations, design and execution of risk and vulnerability assessments.
- Participate in the planning and design of the Business Continuity Plan and Disaster Recovery Plan.
- Maintain up-to-date detailed knowledge of the IT Security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.
- Recommend additional security solutions or enhancements to existing security solutions to improve overall security.
- Provide support as required for MSSP Level 2 and 3 Support for all in-place security solutions.
- Maintain operational configurations and baselines for all in-place security solutions.
- Regular hours apply but need to be available on-call and work off hours as required.
- Perform other duties as assigned
- Fluent in GCP, AWS and cloud-based security practices is required to be considered for the position.
- DevSecOps experience, web application development, code review and automation including continuous integration, continuous deployment.
- Experience with detecting, mitigating Security vulnerabilities as outlined in OWASP top 20.
- Possess a Degree or Diploma in Computer Science or Technology and/or at least four to six (4-6) years of experience in a role focused on IT Security and/or DevSecOps.
Who you are:
- One or more of the following certifications would be an asset: CCSP, CISSP, OSCP, PCSE
- Experience with SIEM, Firewalls & data classification.
- Endpoint detection and response (EDR), CASB, IDPS and other security related concepts.
- Knowledge of security frameworks or standards such as CIS Top 20, NIST and ISO 27001, 27017, 27018.
- Knowledge of GDPR, CASL, PIPEDA and PCI compliance requirements.
- Strong understanding of IP, TCP/IP and other network administration protocols.
- Strong understanding of Windows and Linux operating systems.
- Understanding of Databases, NoSQL and Caching systems.
- Understanding of scripting and automating tasks with Python, PowerShell, BASH or other.
- Understanding of infrastructure automation with Terraform
- Ability to effectively prioritize and execute tasks.
- Ability to conduct research into IT security issues and products.
- Highly self-motivated and directed, able to work remotely for an indefinite period of time.
- Team-oriented and skilled in working within a collaborative environment with strong communications skills.
- Be naturally innovative and forward thinking when problem solving, be analytical and detailed orientated.
- Inherently demonstrate a high level of integrity, discretion and be trustworthy.
- Willingness to travel on occasion as required.
Should you be interested in this opportunity please apply with a cover letter and resume to in one document.
Application Deadline: February 2 2021
We thank in advance all applicants for their interest, however only those candidates under consideration will be contacted. Only candidates legally eligible to work in Canada will be considered. No phone calls or agencies please.
Postmedia Network Inc. is committed to providing accommodations for people with disabilities in all areas of the hiring process. If you require accommodation during the hiring process, please make your needs known in advance. Accommodation requests will be provided on an individual basis.
Postmedia Network Inc. is committed to employment equity and an inclusive barrier-free selection process and work environment. Postmedia Network Inc. encourages applications from women, aboriginal peoples, persons with disabilities and members of visible minorities.
Application Deadline: 2021-02-02
Job Types: Full-time, Permanent