Security Analyst Enterprise Technology - Mississauga, Canada - Purolator

Purolator
Purolator
Verified Company
Mississauga, Canada

4 weeks ago

Sophia Lee

Posted by:

Sophia Lee

beBee Recruiter
Description

Description:


Working in Purolator's Security Risk and Compliance team, the IT Security Analyst is responsible for governing all security aspects ensuring compliance to security guidelines, security auditing requirements, and following industrial best practices.


The work we do at Purolator impacts every Canadian. To work with us, you must be eligible to obtain a Reliability Security Clearance

Responsibilities:


  • Understand and improve the access model and bring security awareness to the product teams on applicable standards/policies.
  • Work with business and project teams to govern SAP/middleware access requests and related issues by following the standardized processes and procedures.
  • Manage the penetration testing process from end to end working closely with project teams and various vendors.
  • Assist in resolving issues related to roles & authorization, and in implementing a testing strategy for credentials management, code quality, vulnerability assessment, secrets management, and other roles & authorization related development.
  • Performing risk assessments, threat modeling and security architecture reviews, and prepare and maintain security related documents as and when required.

Additional Responsibilities:


  • Familiarity with network layer technologies
  • FWs (Juniper, Checkpoint or similar), EDR fundamentals, VPN technologies, DNS.
  • Experience in designing and configuring SAP security solutions such as GRC Access Control, Identity Access Governance, GRC Process Control, SAP Enterprise Threat Detection and Onapsis.
  • Expertise in threat modeling frameworks.
  • Knowledge of OWASP Top 10, STRIDE, MITRE ATT&CK framework or similar.
  • Knowledge of NIST SP Risk Management Framework.
  • Experience using Jira for Agile software development and deliver methodology.

Education:


  • Academic: University degree in engineering, computer science, business, or equivalent.
  • Certifications: CISSP, CISA, or CISM are recommended.

Experience:


  • 5+ years experience in the IT Security field.
  • Exceptional interpersonal skills and proven to flourish working in a fastpaced environment.
  • Ability to work effectively in a crossdisciplinary team, across multiple projects and multiple locations.
  • Sharp analytic and problemsolving capabilities that go beyond strict technical expertise.
  • Leadership skills, experience working with various stakeholders.
  • Experience managing and supporting privileged Access Management solutions.
  • Knowledge of entitlements and access control the various protocols for tracking records such as LDAP.
  • Experience with cyber security, controls testing, and presenting.
  • Strong SaaS/Application/Network security knowledge and experience.
Extensive experience and knowledge in as many as possible of the following areas:


  • Middleware Management
  • Data Security
  • Identity and Access Management
  • AWS Cloud, Okta, OpenID, OAuth, SAML, 2FA
  • Cloud Computing, Cloud Network Services and Software-Defined Networking (SDN)
  • Cyber Security and Cyber Investigation
  • Familiarity with Web technologies and standards
  • HTTP/S, JSON, REST, SOAP, XML, W3C Standards, Python.
  • SCA and SAST tools
  • OWASP Dependency-Check, OWASP Dependency-Track, Snyk, Veracode, SonarQube or similar.
  • Experience in Disaster Recovery, Test and Evaluation, and Risk Management.
More jobs from Purolator
See all jobs of Purolator