About the job
As a member of the Digital Technology Services (DTS) team here within Capilano University, you will be a vital asset in providing an exceptional experience to both our employee and student communities through invention, collaboration, and technical talent.
As we embark on our university wide digital transformation, we’ll be seeking fellow trailblazers to join our teams as we integrate state of the art technologies. With a variety of projects and initiatives in the pipeline, there is no shortage of opportunity to innovate. Within our teams, you’ll be working alongside a variety of talented individuals involved in initiatives focused on cyber security, data analysis, operational analytics, quality assurance, integration, customization, and implementation.
Do you have a passion for optimization? Join us in creating a lasting impact that goes beyond routine tasks, contributing to the long-term success of our technological landscape and the university community.
Reporting to the Manager, Centralized Security Services, (DTS) the cybersecurity analyst will perform technical work in support of the university cybersecurity operations and strategy. An incumbent in this position is primarily responsible for implementing and maintaining cybersecurity measures processes and controls, monitoring the digital ecosystem for security breaches, analyzing and responding to complex cybersecurity-related alerts and incidents, monitoring network and system logs, network traffic for cybersecurity incidents, implementing technical projects relating to cybersecurity, and participating in the development and implementation of the university’s cybersecurity strategy and programs.
What you’ll do:
Implements, and maintains cybersecurity measures, processes and controls as guided by developed cybersecurity frameworks, critical security controls and the National Cybersecurity Assessment (NCA) framework.
Uses established processes to complete work outlined in cybersecurity programs such as digital security services, identity and access management and cybersecurity to ensure all digital solutions are cybersecurity compliant.
Proactively monitors the digital ecosystem using industry standard tools to detect malware, suspicious activity, and breaches across all levels of the digital ecosystem, including network, services, cloud infrastructure, software, and systems.
Monitors infrastructure components related to cybersecurity including security information and event management (SIEM) platform, firewalls, endpoint protection, intrusion detection/intrusion prevention system (IDS/IPS), active directory, Azure security tools, Office 365 advanced threat protection and others.
Maintains the enterprise security architecture; contributing to the development of operational and tactical plans related to cybersecurity.
Collaborate with DTS teams to identify security gaps and implement approved solutions.
Implements and monitors a server and endpoint patch management strategy.
Provides recommendations and guidance to the central cybersecurity services management team on maintaining an appropriate level of cybersecurity maturity. Implements approved recommendations.
Participates and provides the appropriate level of response to security breaches including incident response as required by the centralized security services management team.
Perform security audits to assess the effectiveness of policies, procedures and security measures to ensure continued risk mitigation, protection of assets, and maintain compliance with industry standards, regulations, and laws.
Prepare audit plans, document all reviews, present recommendations for DTS policy revisions, data analysis, reporting, and follow up and monitoring.
Investigates and responds to cybersecurity alerts and incidents, including troubleshooting, researching, and implementing technical solutions.
Participates in technical assessments, performs security threat risk assessments (STRA) and follows up with DTS teams for risk mitigation on any identified risks.
Prepares reports for the technical assessments and STRAs.
Develops and delivers cybersecurity training materials, participates in the annual refresher cycle ensuring that the university community is cybersecurity training compliant.
Coordinate and develop prioritized action plans for vulnerability and penetration tests as directed by the central cybersecurity services management team.
What you’ll bring
3+ years of relevant professional experience, with 1 year in a public sector environment.
Experience with cybersecurity processes, procedures, and tools.
Experience in conducing audits, assessments and writing STRA reports.
Experience in performing investigations related to cybersecurity in one or more of the following areas: Network, server, endpoint, Azure cloud, Active Directory, Office 365.
Direct related experience assuming progressively more technology and systems related duties, including experience with security technologies, IT infrastructure, identity management, and cybersecurity platforms.
A bachelor’s degree.
Completion of courses or certificates related to cybersecurity credentials such as CISSP, CISA, CRISC, ITIL, TOGAF, Microsoft, Cisco, Palo Alto etc.
Experience with the ITIL framework and ITSM best practices, tools, and techniques; ITIL certification is an asset.
Experience in effectively communicating and preparing cybersecurity information.
Completion of a criminal record check.
How to Apply: