W3Schools

Security Analyst

We are a growing Canadian technology consulting company that employs adults on the autism spectrum for rewarding careers in technology. Our clients recognize the value of neurodiversity and partner with us to build an inclusive work environment where everyone can be successful. With the support of our job and technical coaches, our consultants build confidence, improve on, and learn new technical skills and are provided with ongoing professional development.

We are currently looking for an experienced Security Analyst to join our team of consultants and work on client projects in Calgary, Montreal, and Toronto.

Responsibilities Include:

  • Plan, develop, execute and document results of security test procedures
  • Assist in the collection, analysis, and reporting of security measures to support decisions regarding our client’s cybersecurity posture and continuous improvement
  • Support data calls and prepare technical reports and high-level summaries to senior management
  • Perform quality reviews of audit reports, surveys, and special studies; report findings and recommend further corrective actions, including changes in Departmental policies and guidance as required

Background and Skills:

  • Strong organizational and time-management skills
  • Ability to develop and present reports and findings
  • Experience working with senior level management
  • Understanding of Transmission Control Protocol / Internet Protocol (TCP/IP) protocols, devices, security mechanisms and how they operate
  • Understanding of network security threats including APT, botnets, Distributed Denial of Service (DDoS) attacks, worms, and network exploits
  • Experience with network probing/testing/analysis tools (Nessus, nmap, burp, wireshark, etc.)
  • Technical knowledge of Windows, UNIX and Linux operating systems as both an user and system administrator
  • Programming skills that will be used to construct, modify, and execute testing tools including shell(ksh, bash), [g]awk, Python, PERL, regex, .NET Programming, Java, C, C++, C#, Powershell, curl, Web application development (PHP, ASP.NET, etc.)
  • Knowledge of software security testing principles, practices, and tools, the experience of vulnerability assessments in a complex environment
  • Experience with Malware (including reverse engineering) and with internal and external attacks
  • Experience or familiarity with vulnerability analysis, computer forensics tools, cryptography principles
  • Effective teamwork skills for collaboration on analysis techniques, implementation, and reporting
  • Demonstrates creative/out-of-the-box thinking and good problem-solving skills
  • Demonstrates strong ethical behaviour
  • Experience with database management software (Oracle, MongoDB, MySQL, DB2, etc.)
  • Ability to obtain a strong and ongoing understanding of the technical details involved in current APT threats and exploits involving various operating systems, applications and networking protocols
  • Knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime/fraud groups and both state and non-state sponsored threat actors
  • Understanding of cloud-based architectures and highly distributed big data architectures
  • Understanding of mobile android and iOS environments and app development
  • Experience with application security testing tools, such as Qualys Web App Security, IBM AppScan, HP WebInspect, HP Fortify, Metasploit framework
  • Knowledge of security frameworks (ISO 27001/27002, NIST, HIPPA, SOX, etc.)
  • Fluency in English
  • Ability to work in French (considered a strong asset)