To apply for this job you must first either login or register

Security Operations Engineer

Toronto, Ontario  - Permanent



Job Description

The Security Operations Engineer (SOE) role functions as part of the Operations team handling all physical and logical security related projects and issues. A person in this role participates in information security related operations defined in corporate information security policies and procedures. Information security operations team works on identifying information security risks, assessing and reporting current threats and vulnerabilities, analyzing internal and external network activity from security standpoint, responding to security incidents, performing required compliance related procedures and various regulatory requirements. The team is also responsible for any information security related solutions analysis, design and implementation.


Must Have Skills:

RESPONSIBILITIES:
• Participate in security incidents response by performing relevant investigation and forensic analysis of each incident and applying necessary security mitigations;
• Participate in security risks, threats and vulnerabilities assessment;
• Analyze internal and external network, server and application activity using various tools;
• Improve security related monitoring and alerts by using automation where applicable;
• Identify and provide mitigation/improvement steps for any security gaps in network / server / application design;
• Participate in managing network security by handling any network infrastructure related projects and issues;
• Participate in new security solutions evaluation, design and implementation;
• Perform required compliance related activities required for PCI DSS, SOC, ISO 2700x, etc.;
• Participate/handle security assessments, penetration testing and social engineering exercises;
• Perform security awareness trainings for the company personnel;
• Participate in security audits;
• Provide information security requirements advice and counsel to various teams;
• Follow proper processes and procedures are for all security related events.

TECHNICAL QUALIFICATIONS:

• Bachelor’s degree in Computer Science, Information Technology or related field
• At least 5 years of relevant experience in IT operations and/or development
• At least 2 years of applicable information security related experience
• Experience in network administration and security
• Experience in Web Application security and OWASP Top 10 knowledge
• Experience in UNIX/Linux operating systems administration
• Knowledge of at least two scripting languages such as Bash, Python, Perl
• Experience working with Apache/Tomcat
• Experience with configuration management tooling such as Ansible, Salt stack, Puppet
• Structured Query Language (SQL) knowledge

SOFT SKILLS

• Ability to work in a fast paced environment adapting to changing priorities
• Self-starter with an appreciation for technical challenges and complex problems
• Focused and detail oriented
• Able to work independently and as part of a multidiscipline team
• Have excellent written and verbal communication skills to articulate problems and solutions to both technical and non-technical audiences
• Possess superior troubleshooting and analytical skills to perform root cause analysis, forensic investigations, suggest out-of-the-box solutions
• Use proactive approach to prevent issues from re-occurring


Nice to Have Skills:

• Experience in database administration and security (Oracle and MySQL are preferable)
• Object Oriented programming in Java or any other OOP language
• Familiarity with secure coding practices
• Familiarity with security standards such as PCI DSS, ISO 27001, etc.
• Experience working with identity and access control management solutions


Details:
Starting: ASAP
Travel: Less than 25%
Dress Code: Business Sharp
To apply for this job you must first either login or register