Cyber Security Analyst - Waterloo, Canada - BlackBerry

BlackBerry

Verified Company

Waterloo, Canada

2 weeks ago

Posted by:

Sophia Lee

beBee Recruiter

Description

Worker Sub-Type:
Regular

Job Description:

SUMMARY:

As a member of the Cyber Security team, the Cyber Security Analyst will be responsible for ensuring that BlackBerry systems are designed and implemented securely.

The primary focus will be reviewing architecture and design from a security and compliance standpoint ensuring deployments meet or exceed best practices for information systems security and control.

Additional responsibilities include supporting BlackBerry internal technology teams, identifying and resolving security issues, and performing infrastructure reviews to ensure secure practices are followed, and participation in project teams.

Additional assets could include the following:

public cloud technologies, SaaS, Linux, Windows, routing and switching, encryption, virtual infrastructures, authentication methodologies, encryption, SSL, VPN, PKI, and threat risk assessments.

Responsibilities:

Ensuring that BlackBerry systems are designed and implemented securely
Reviewing architecture and design from a security and compliance standpoint ensuring deployments meet or exceed best practices for information systems security and control
Supporting BlackBerry internal technology teams
Reviewing and completing detailed risk assessments on new technologies and solutions
Identifying and working with cross functional organizations towards resolving security issues
Performing infrastructure, O/S and code reviews
Participation in project teams of varying scope and complexity
Provide mentoring and cross training

Requirements:

Bachelor's in Computer Science, or equivalent relevant and recent experience is required
5+ years proven technical Information Security experience in a high tech environment
In depth experience in security policy development and risk analysis concepts
Extended experience performing Information Security risk assessments.
Experience producing and/or reviewing system architecture, design documentation and security strategy
Researches emerging trends/best practices and determines implications of proposed solutions on meeting business unit strategy.
Provides leadership, direction and guidance for Requirements Gathering and Scope definition for the projects.
Consultant on security engineering technologies and supporting processes for strategic projects.
Assessment and evaluation of new and emerging security technologies and capabilities.
Conducts assessment on new Security Technology and Project requirements
Demonstrated experience presenting complex concepts, successfully to senior leaders

- knowledge of encryption methodologies and technologies

Experience with SaaS/PaaS/IaaS cloud services, their integrations, authentication methodologies eg: SSO, SAML
Strong interpersonal skills, selfmotivated and proactive and enjoy working on a wide range of projects that require experience in marketing, communications and training from a security perspective

Desired Qualities & Experience

Be outgoing, enthusiastic, and comfortable working with small and large teams.
Excellent verbal and written communication skills.
Professional with experience on consulting, designing and delivering large projects/programs.
Experience with physical security concepts, best practices and relevant controls.
Experience relating to security regulations and relevant compliance frameworks (eg: ISO, SOC2, FISMA, NIST, UK Gov G-Cloud, FedRAMP, HIPAA).
Design and deployment of Enterprise Security technologies and solutions e.g. Firewalls, IDS/IPS, SIEM, Malware detection & analytics, Vulnerability scanning Data Loss Prevention Services such as rule expansion, endpoint protection and data protection.
Experience in any of the following areas would be highly desired: Data Leakage Prevention (DLP), Mobile Security, Mobile Threat Management, Endpoint Forensics, Vulnerability Scanning.
Experience dealing with today's security threats, including advanced persistent threats, cloud, virtual networking, and BYOD
Experience designing audit programs and/or responding to auditors is desirable
ITIL, TOGAF, CCSE, CCSP, CCNP, CCIE, MCSE, or other designation is desirable
CISSP, CRISC, CISA, CISM, GSEC, or similar certification

LI-NR1

Scheduled Weekly Hours:
40