PA Level 8 - Information Security Analyst - Information Technology Systems and Services
$73,308 to $80,512 per annum, as per CUPE 1870
UPEI’s Information Technology Systems & Services (ITSS) team is seeking applicants for an Information Security Analyst position that will be responsible for the security of IT infrastructure, software, and at UPEI. This position provides guidance and technical expertise in the following cybersecurity practices: security risk assessment; development and enforcement of security policies and protocols; analysis and monitoring of threats and vulnerabilities; incident management including investigations, forensic analysis; and long-term cybersecurity design and planning.
What we offer:
- Flexible work arrangements
- Comprehensive Health and Dental
- Post Retirement Benefits
- Tuition Waivers
- Health and Wellness on Campus available to staff
- Professional Development Opportunities
RESPONISBILITIES:
The incumbent is responsible for the implementation of UPEI’s information security strategy by supporting cybersecurity operations, threat and vulnerability management, incident response, alerting and monitoring:
Develops, enforces, and monitors cybersecurity policies and standards
Ensures UPEI systems and networks meet federal and provincial regulatory requirements;
Participates in cybersecurity and data privacy investigations (enterprise and user levels);
Works closely with UPEI’s legal and privacy officers reporting information on breaches to federal and provincial institutions;
Participates in Information security audits and run cybersecurity exercises
Performs research, tests, installs, and controls security tools
Monitors networks and services seeking for detection of Information Technology threats
Reports and analyze threats to prevent information attacks
Performs cybersecurity forensic investigations and participates in incident response plans
Participates in day-to-day cybersecurity activities such as penetration testing, vulnerabilities patching, etc.
QUALIFICATIONS:
Undergraduate degree in Computer Science, Information Systems, or a related field. Equivalent working experience will be considered
Certifications such as CISSP, Security+, or GSEC (GIAC Security Essentials); from ISACA, ISC2, or similar body is considered an asset
Information Technology recognized training (e.g., SANS, security vendor) would be an asset
Minimum 5 years’ experience in Information Technology with at least 3 years’ experience working with security applications. Demonstrated knowledge of IT security principles, practices, technologies, and procedures
Operational experience with the following: SIEM (Security Event Monitoring), enterprise endpoint management, WAF (Web Application Firewalls), endpoint anti-malware, DLP (Data Loss Prevention), EDR (Endpoint Detection and Response systems), Intrusion Detection/Prevention systems
Demonstrated expertise in the following: Linux administration, Microsoft server administration, networking technologies, M365 security, Azure security, Active Directory/LDAP, Microsoft security and identity services
Demonstrated understanding of the following: technical capability of security components, vulnerability assessment, authentication techniques, security attack pathologies, risk assessment procedures, IT auditing practices
Understanding of the cyber security risks associated with various technologies and ways to protect
A working knowledge of various security technologies such as network and application firewalls, host intrusion and prevention and anti-virus
Excellent IT skills, including a passion for cybersecurity, knowledge of computer networks, operating systems, software, hardware, and security
Ability to work as part of a team and to build strong relationships with staff and other relevant individuals
Excellent written communication skills, technical report writing is an asset.
Time-management and organizational skills to manage a variety of tasks, prioritize workload and meet deadlines
Excellent attention to detail, analytical skills, and an ability to analyze complex technical information to identify patterns and trends
Temperament and ability to communicate technical information to people with non-technical backgrounds
Temperament and ability to work with people who are experiencing difficulty due to a cyber security incident
Ability to work under pressure, particularly when dealing with threats and at times of high demand
Please submit electronically a cover letter, quoting the competition number, a resume and reference list to be received no later than the closing date via the link below.
If you are unable to apply online, you can drop off your resume to the Human Resources Department, Kelley Building, University of Prince Edward Island, 550 University Avenue, Charlottetown, PEI C1A 4P3, Fax Number 902-894-2895.
UPEI is committed to equity, diversity, inclusion, and reconciliation and believes in providing a positive learning and working environment where every person feels empowered to contribute. UPEI is committed to the principle of equity in employment and encourages applications from underrepresented groups including women, Indigenous peoples, visible minorities, persons with disabilities, persons of any sexual orientation or gender identity, and others with the skills and knowledge to productively engage with diverse communities. If you require accommodation in any part of the process, please direct your inquiries, in confidence, to our HR Officer, hrofficer@upei.ca. Applications will not be accepted via email.
Only those applicants who are invited to an interview will be acknowledged.
Note that this site is not compatible with some mobile browsers (e.g. iPad, iPhone). Upon successful submission of your application, you will receive an auto-reply to your email address advising your application has been received. If you do not receive an email, please check your spam folder and/or try submitting your application via a different web browser (Google Chrome, Firefox, etc).
