Junior IT Security Analyst - Mississauga, Canada - Just Energy

Just Energy
Just Energy
Verified Company
Mississauga, Canada

1 month ago

Sophia Lee

Posted by:

Sophia Lee

beBee Recruiter
Description

Description

Title:
Junior IT Security Analyst (6-month contract)


Who We Are:


Just Energy is a consumer company focused on essential needs, including electricity and natural gas; health and well-being, such as water quality and filtration devices; and utility conservation, bringing energy efficient solutions and renewable energy options to consumers.

Currently operating in the United States and Canada, Just Energy serves both residential and commercial customers.

Just Energy is the parent company of Amigo Energy, Filter Group Inc., Hudson Energy, Interactive Energy Group, and Tara Energy.


As the Junior IT Security Analyst, reporting to the Manager of IT Cyber and Information Security, you will foster strong relationships with business partners, including IT, internal audit, SOC vendor and other compliance and risks stakeholders within Just Energy.

In your capacity, you will effectively position the team to understand, articulate, and influence the IT Risk and Compliance (ITRC) strategy, plans, results, issues and outcomes.

As a project contributor, you will frequently communicate with the team to represent and discuss IT risks and compliance positions.

You will also contribute to efforts to govern, communicate, and educate staff on the adherence to risk and compliance policies, standards, processes, and procedures.


Key Responsibilities:


  • Identification of Information Security issues.
  • Participate in the development of security architecture solutions.
  • Researching and, with the assistance of the IT team, deploys new technologies.
  • Providing security guidance and oncall supports.
  • Work with Security Operations Center (SOC) implementation and engagement
  • Responding to security requests and manage request queues with the vendors.
  • Work on Information Security and cybersecurity issues.
  • Work with the team to investigate security breaches and other cybersecurity incidents.
  • Work on security issues in Operating System to protect systems and information infrastructure.
  • Document security breaches and assess the damage they cause.
  • Work with the SOC vendor to review all security program/activities, logs, and uncover network vulnerabilities.
  • Work with IT and Security teams to detect vulnerabilities to maintain a highsecurity standard.
  • Review penetration testing, vulnerability scanning and work with IT Infrastructure teams to resolve identified gaps.
  • Work on security software and understand information security management.
  • Proactively review and evaluate security configurations and setting for websites, Servers, desktops and Networks.
  • Work with IT and Business to document resolution of identified security weaknesses and recommend established improvement solutions.
  • Monitor emerging security threats, evaluate and recommend mitigation strategy.
  • Maintain necessary documentation to support security strategy by outlining the requirements and benefits of specific security tools and/or solutions.

Qualifications:


  • 2+ years of experience in Information Security, Cybersecurity and advanced threat protection
  • 2+ years of experience with Data Discovery and Data Classification strategies
  • BA or BS degree in CS or IT preferred, Computer Science or Engineering or related field.
  • Experience with computer network penetration testing and techniques.
  • Understanding of patch management with the ability to deploy patches promptly while understanding business impact.
  • Working knowledge of the following IT Compliance, Standards and Frameworks:
  • National Institute of _Standards_ and Technology (NIST) Security Standard
  • Cybersecurity and Information Security
  • Payment Card Industry Data Security Standard (PCI-DSS) requirement.
  • Open Web Application Security Project_ (OWSAP) Top Ten Vulnerabilities_
  • Common Vulnerabilities and Exposures/Weakness
  • ISACA COBIT for Information Security
  • Microsoft Windows Server/Workstation administration and security
  • Application and Network Penetration Testing with one or more of these products (Rapid7, Veracode, Qualys Guard, Burp Suite etc.)
  • Administration/Security of Cisco Routers/Switches and other WAN/LAN/WLAN/VPN/Firewall Technologies
  • Mcafee ePO, Solidcore, DLP (Devicelock), FIM (Cimtrak), DAM (Imperva), SIEM (Arcsight) and endpoint security management
  • Working experience of the following tools
  • IDPS, MITRE, SIEM, SOAP, WS Security, PowerShell & Bash and Python scripting

Professional Certificates and Registration Required
CC (Certified in Cybersecurity) certification will be nice to have or working toward any of them.


Working knowledge of the following domains will be a plus.

  • ISO IEC 27001 L.A (ISMS)
  • Certified Ethical Hacker (CEH)
  • Qualys Certified Specialist (QCS)
  • Cisco Certified Network Professional (CCNP)/ Cisco Certified Network Associate (CCNA)
  • Microsoft Certified IT Professional (MCITP)
  • Microsoft Certified Systems Administrator (MCSA)
  • Microsoft Certified Technology Specialist (MCTS)
**Understanding Knowl
More jobs from Just Energy
See all jobs of Just Energy