TAKE YOUR CAREER TO THE NEXT LEVEL WITH MEVOTECH.

We are constantly challenging the status quo and raising the bar allowing employees to make an impact within the company.
Mevotech is a trusted North American aftermarket auto parts leader that specializes in the engineering, design and distribution of driveline, steering and suspension parts (branded and private label). Fueled by innovation, our brands feature engineering improvements for maximum durability and performance, as well as time and labor-saving enhancements that drive bay efficiencies and increase shop revenues. Our in-house engineering team always has the Professional Technician in mind, and we are continuously optimizing part design for durability and ease of installation.
With over 600 Canadian and U.S. team members, we can attribute our continued success to the passion, spirit and dedication of our employees. Mevotech was recognized with a Canada’s Best Managed Companies award in 2023 and 2024 for its industry-leading performance, global business practices, and sustained growth. Check out our career website to learn about our amazing culture and our commitment to employee wellness and engagement. https://www.mevotech.com/about-us/careers/

QUALIFICATIONS, SKILLS, AND EDUCATIONAL REQUIREMENTS

• College diploma or university degree in the field of information security and/or five years equivalent work experience.
• One or more of the following certifications:
• 
  
  
  
• CompTIA Security+

• Microsoft Certified Systems Administrator: Security
• (ISC)2 Certified Information System Security Professional (CISSP)
• Cisco Certified Network Associate
• Fortinet NSE Certified Professional
• Extensive experience with Next Generation Firewalls, VLANs, Network Segmentation, Email Security solutions including SPF, DKIM and DMARC.
• Experience with CyberArk PAM and Tenable/Nessus Vulnerability Management solutions.
• Working technical knowledge of CASB, CSPM and other cloud native security tools.
• Strong understanding of IP, TCP/IP, and other network administration protocols.
• Strong understanding of Windows and Linux Operations systems.
• Familiarity with Microsoft 365 E5 Security stack and optimization of license usage is considered an asset.
• Experience with Microsoft Azure cloud security architectures and solutions.
• Proven analytical and problem-solving abilities.
• Ability to effectively prioritize and execute tasks in a high-pressure environment.
• Good written, oral, and interpersonal communication skills.
• Ability to conduct research into IT security issues and products as required.
• Ability to present ideas in business-friendly and user-friendly language.
• Highly self-motivated and directed.
• Keen attention to detail.
• Team-oriented and skilled in working within a collaborative environment.
• Provide on-call support for end users for all in-place security solutions.
• Evaluate procured cloud services to ensure they are meeting existing security standards

JOB PURPOSE

Reporting Directly to the Director, Cyber Security, the Cyber Security Analyst, Network is responsible for performing two core functions for the enterprise. The first is the day-to-day operations of the in-place security solutions while the second is the identification, investigation, and resolution of security breaches detected by those systems. The Cyber Security Analyst, Network role includes involvement in the creation and/or maintenance of policies, standards, baselines, guidelines, and procedures as well as ensuring compliance of cloud service providers. The Cyber Security Analyst, Network is expected to be fully aware of the enterprise’s security goals as established by its stated policies, procedures, and guidelines, and to actively work towards upholding those goals.

KEY DUTIES AND RESPONSIBILITIES

Strategy & Planning

• Participate in the planning and design of enterprise security architecture.
• Participate in the creation of enterprise security documents (policies, standards, baselines, guidelines, and procedures).
• Participate in the planning and design of an enterprise Business Continuity Plan and Disaster Recovery Plan.

Acquisition & Deployment

• Maintain up-to-date, detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes, and the development of new attacks and threat vectors.
• Recommend additional security solutions or enhancements to existing security solutions to improve overall enterprise security.
• Perform the deployment, integration, and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures generically, and the enterprise’s security documents specifically.
• Evaluate new and possible cloud vendors on security features and advise the organization on those that meet organizational security standards and policies.

Operational Management

• Maintain up-to-date baselines for the secure configuration and operations of all in-place devices (e.g. Security Tools, Firewalls etc.)
• Maintain operational configurations of all in-place security solutions as per the established baselines.
• Monitor all in-place security solutions for efficient and appropriate operations.
• Review logs and reports of all in-place devices, whether they be under direct control (e.g. security tools) or not (e.g. workstations, servers, network devices, etc.). Interpret the implications of that activity and devise plans for appropriate resolution.
• Participate in investigations into problematic activity.
• Participate in the design and execution of vulnerability assessments, penetration tests, and security audits.