IT Security Analyst

As part of the Computer, Networks and Infrastructure (CNI) team, under the guidance and direction of the CNI Manager, the IT Security Analyst will be responsible for participation of the design, implementation, management, and continuous improvement of our cyber security defenses. You will also be responsible for keeping on top of the ever-evolving threat landscape while staying current with leading edge countermeasures.

This may be the role for you if you are:

• Someone with a high say-do ratio as we measure our success not on our plans but on our ability to successfully execute and deliver value for the business
• Motivated to hunt for cyber threat
• Passionate about securing and protecting people, assets, and data
• Motivated to stay on top of the fast-moving world of cyber security
• Constantly learning about the newest technologies and best practices
• Continuously looking for your next certification (and able to translate that into value for the business)
• Team player who has a desire to learn and grow in their career and help others do the same

Primary Duties and Responsibilities

• Drawing on experience, lead the development of a Cybersecurity Incident Response Plan
• Act as the primary escalatory for the Cybersecurity Incident Response Plan
• Monitor Help Desk tickets and respond to tickets related to Cybersecurity
• Be available 24/7 for high severity incidents
• Manage and administer intrusion detection/prevention systems, firewalls, network devices and various security related systems
• Maintain and monitor sensors and data sources to ensure all security events are being logged, monitored, correlated, and escalated to the appropriate parties
• Perform vulnerability testing, risk analyses and security assessments
• Work closely with the business, the software development team and the CNI team to research and provide guidance on best practices and implement solutions to maintain compliance with industry best practices and regulatory requirements
• Investigate security breaches and other cyber security incidents
• Remediate detected vulnerabilities to maintain a high-security standard
• Develop and lead company-wide best practices for IT security
• Develop and lead cybersecurity awareness and training exercises for staff
• Research, develop, and advise on Cybersecurity policies, industry standards, best practices, and strategies
• Assess and ensure vendors are compliant with organizational data protection policies and practices
• Research security enhancements and make recommendations to management
• Remain current on information technology trends and security standards
• Perform regular reporting to assess the organizations overall security posture
• Develop and maintain successful and professional internal working relationships with all software development department and end-users
• Other duties as required

Required Qualifications

• Application and infrastructure penetration testing tools
• 2+ years in securing and monitoring Azure and Microsoft 365
• 5-7 years in cyber security
• Understanding of IT infrastructure, including protocols, operating systems and networks
• Strong analytical abilities, with ability to identify problems and determine, implement solutions
• Self-motivated with the ability to prioritize, meet deadlines, and manage changing priorities
• Ability to work both independently and in a team environment, in a high-pressure environment with changing priorities
• Provide mentoring and training to team
• Excellent English oral and written communication skills
• High degree of resourcefulness, flexibility, and adaptability

Working at Peace Hills

Peace Hills understands that by reducing work-life struggles, individuals can enjoy a healthier lifestyle while improving productivity at work. Providing a collegial work environment and an exceptional work/life balance are just two of the ways we do this.

If you are interested in this great opportunity to build your career, state the position being applied for and submit your resume to Peace Hills Insurance at hr@phgic.com

We thank all applicants for their interest; however, only those candidates shortlisted will be contacted.