PA Level 8 - Information Security Analyst - Information Technology Systems and Services
$73,308 to $80,512 per annum, as per CUPE 1870
UPEI’s Information Technology Systems & Services (ITSS) team is seeking applicants for an Information Security Analyst position that will be responsible for the security of IT infrastructure, software, and at UPEI. This position provides guidance and technical expertise in the following cybersecurity practices: security risk assessment; development and enforcement of security policies and protocols; analysis and monitoring of threats and vulnerabilities; incident management including investigations, forensic analysis; and long-term cybersecurity design and planning.
What we offer:
- Flexible work arrangements
- Comprehensive Health and Dental
- Post Retirement Benefits
- Tuition Waivers
- Health and Wellness on Campus available to staff
- Professional Development Opportunities
RESPONISBILITIES:
The incumbent is responsible for the implementation of UPEI’s information security strategy by supporting cybersecurity operations, threat and vulnerability management, incident response, alerting and monitoring:
- Develops, enforces, and monitors cybersecurity policies and standards
- Ensures UPEI systems and networks meet federal and provincial regulatory requirements;
- Participates in cybersecurity and data privacy investigations (enterprise and user levels);
- Works closely with UPEI’s legal and privacy officers reporting information on breaches to federal and provincial institutions;
- Participates in Information security audits and run cybersecurity exercises
- Performs research, tests, installs, and controls security tools
- Monitors networks and services seeking for detection of Information Technology threats
- Reports and analyze threats to prevent information attacks
- Performs cybersecurity forensic investigations and participates in incident response plans
- Participates in day-to-day cybersecurity activities such as penetration testing, vulnerabilities patching, etc.
QUALIFICATIONS:
- Undergraduate degree in Computer Science, Information Systems, or a related field. Equivalent working experience will be considered
- Certifications such as CISSP, Security+, or GSEC (GIAC Security Essentials); from ISACA, ISC2, or similar body is considered an asset
- Information Technology recognized training (e.g., SANS, security vendor) would be an asset
- Minimum 5 years’ experience in Information Technology with at least 3 years’ experience working with security applications. Demonstrated knowledge of IT security principles, practices, technologies, and procedures
- Operational experience with the following: SIEM (Security Event Monitoring), enterprise endpoint management, WAF (Web Application Firewalls), endpoint anti-malware, DLP (Data Loss Prevention), EDR (Endpoint Detection and Response systems), Intrusion Detection/Prevention systems
- Demonstrated expertise in the following: Linux administration, Microsoft server administration, networking technologies, M365 security, Azure security, Active Directory/LDAP, Microsoft security and identity services
- Demonstrated understanding of the following: technical capability of security components, vulnerability assessment, authentication techniques, security attack pathologies, risk assessment procedures, IT auditing practices
- Understanding of the cyber security risks associated with various technologies and ways to protect
- A working knowledge of various security technologies such as network and application firewalls, host intrusion and prevention and anti-virus
- Excellent IT skills, including a passion for cybersecurity, knowledge of computer networks, operating systems, software, hardware, and security
- Ability to work as part of a team and to build strong relationships with staff and other relevant individuals
- Excellent written communication skills, technical report writing is an asset.
- Time-management and organizational skills to manage a variety of tasks, prioritize workload and meet deadlines
- Excellent attention to detail, analytical skills, and an ability to analyze complex technical information to identify patterns and trends
- Temperament and ability to communicate technical information to people with non-technical backgrounds
- Temperament and ability to work with people who are experiencing difficulty due to a cyber security incident
- Ability to work under pressure, particularly when dealing with threats and at times of high demand
Please submit electronically a cover letter, quoting the competition number, a resume and reference list to be received no later than the closing date via the link below.
If you are unable to apply online, you can drop off your resume to the Human Resources Department, Kelley Building, University of Prince Edward Island, 550 University Avenue, Charlottetown, PEI C1A 4P3, Fax Number 902-894-2895.
UPEI is committed to equity, diversity, inclusion, and reconciliation and believes in providing a positive learning and working environment where every person feels empowered to contribute. UPEI is committed to the principle of equity in employment and encourages applications from underrepresented groups including women, Indigenous peoples, visible minorities, persons with disabilities, persons of any sexual orientation or gender identity, and others with the skills and knowledge to productively engage with diverse communities. If you require accommodation in any part of the process, please direct your inquiries, in confidence, to our HR Officer, hrofficer@upei.ca. Applications will not be accepted via email.
Only those applicants who are invited to an interview will be acknowledged.
Note that this site is not compatible with some mobile browsers (e.g. iPad, iPhone). Upon successful submission of your application, you will receive an auto-reply to your email address advising your application has been received. If you do not receive an email, please check your spam folder and/or try submitting your application via a different web browser (Google Chrome, Firefox, etc).
