Job Purpose

Reporting directly to the Information Security Manager of the IT Security Team, the Cyber Security Analyst recommends, implements, and monitors security measures and training ensuring that DDSB’s information assets are protected from unauthorized access. This includes securing both cloud and on – premise infrastructures, using metrics and data to identify, audit, and assess potential risks to filter out suspicious activity, and mitigating risks before breaches occur. This role will also be the front-line role, leading efforts to counter attacks through both technical analysis and implementation including support, and through the implementation, analysis and maintenance of an effective information security training program for all staff.

Accountabilities

• SECURITY INCIDENT RESPONSE AND FORENSICS: Monitor network traffic to detect potential threats and use professional knowledge and judgement to analyze, develop and implement a response to threats in a timely manner. Contain the negative impact of security incidents by following and interpreting the Incident Response Plan (IRP) to meet the individual circumstances of a situation. Perform root cause analysis and provide recommendation to improve security controls. Create and preserve evidence in the event of a breach to aid prevention of cybercrime through collection, analysis and reporting of data.
• VULNERABILITY MANAGEMENT AND ANALYSIS: Use training and experience to tactically guide the Vulnerability Management (VM) Plan to coordinate, monitor and support activities in the areas of VM program, security patch and remediation management. Provide expertise, help prepare and update VM roadmap. Provide status reports to IS Manager and Head of Information Technology related to VM metrics, KRIs, trending and compliance reports. Research, design, architect, deploy and maintain options for IT security solutions to ensure compliance with DDSB policies and relevant Provincial, Federal and Municipal legislation. In collaboration with other teams, design and develop detailed computer security architecture. Identify and implement mechanisms to reduce the risk of data breaches and data loss.
• RISK ASSESSMENTS, THREAT MODELING AND REPORTING: Identify, classify and prioritize vulnerabilities in computer systems, applications, servers and network infrastructure using vulnerability scanners and penetration testing toolkits. Identify, analyze and evaluate cyber risk posture and make connections to ongoing threats to be addressed. Responsible for generating reports and performing gap analysis for IT and Non-IT business functions to evaluate the effectiveness of security controls in place.
• SECURITY AWARENESS TRAINING AND PHISH-SIM TESTS: Design, prepare and implement security training campaigns and conduct online and on-site security trainings. Prepare and communicate monthly security tips to ensure security information stays on top-of-mind for all staff. Use threat simulations to track and report on effectiveness of security awareness training program. Base on analysis, make recommendations to the IS Manager on next steps to improve the security training program.
• SOFTWARE SECURITY ASSESSMENT: Identify weaknesses and potential risks of new and existing cloud software. Analyze and develop security controls to mitigate risks, if necessary. Responsible for documenting results and remediation plans within the board’s Technology Approval Process software (TAP).

Knowledge and Skills

• Sound knowledge of technical security controls, assessment and awareness training
• Excellent problem-solving, organizational and analytical skills
• Sound written and verbal communication skills
• Deep understanding of security incident response, root cause analysis and should have hands on experience with technical tools (SIEM, Scanners, Tests)
• Multitasking skills, ability to learn quickly and must be able to work under pressure with hard project deadlines

Education and Experience

Education

• Completion of an undergraduate university degree in a related discipline or a combination of education, training and experience deemed to be equivalent.
• Must have a least one valid security certifications (CyberOps Associate, Security +, CEH or equivalent). CCSP, CISSP, or equivalent will be an asset

Experience

• 5 years Total Technology experience required
• 3 years Vulnerability Tools and Risk Assessments required
• 3 years experience Security Investigations required
• 3 years experience Security Awareness Training required

The DDSB is committed to equity and inclusion in the recruitment and hiring of qualified staff who reflect the diversity of our region. We encourage submissions from candidates who represent the various dimensions of diversity. We are committed to providing barrier-free and accessible employment practices in compliance with the Accessibility for Ontarians with Disabilities Act (AODA). Should you require accommodation through any stage of the recruitment process, please make them known when contacted and we will work with you to meet your needs.