IT Security Analyst

at  De Havilland

De Havilland Aircraft of Canada Limited (DHC) is a storied name in the aerospace industry, recognized worldwide for its pioneering contributions to aviation and its unwavering commitment to quality, innovation, and reliability. Headquartered in Calgary, AB, DHC currently has approximately 1,400 employees across British Columbia, Alberta and Ontario, as well as in markets and distribution hubs world-wide.
Established in 1928, De Havilland Canada has a rich history marked by the development of some of the most iconic and versatile aircraft ever built. These aircraft have served a variety of roles—from bush flying to commercial aviation—and are celebrated for their rugged durability, operational versatility, and excellence in performance.
Over the decades, De Havilland Canada has evolved to meet the changing needs of the aviation industry. Today, we are more than just an aircraft manufacturer; we are a comprehensive aerospace company with capabilities that span design, production, maintenance, repair, and overhaul (MRO) services. Our operations are supported by a team of skilled engineers, technicians, and industry professionals who are dedicated to upholding the highest standards of craftsmanship and innovation.

POSITION SUMMARY:

Responsible for performing security audits, risk assessments, and analysis. This also includes making recommendations for enhancing security for all IT systems, researching attempted breaches of IT security, rectifying security weakness and recommending improvements. This individual will also be required to formulate security policies and procedures. They will be responsible for ensuring the stability, integrity, and efficient operation of the organization’s overall IT security. This individual will also play a role in planning, designing, and implementing new IT security related projects and initiatives as well as take a security advisory role in other IT projects when assisting Infrastructure team.

EDUCATION/SKILLS:

• University degree in a related field or 2-year information technology diploma or 10 years related experience in Infrastructure
• Any combination of one or more of the following professional designations is preferred: CEH, GSEC, OSCP, CCNP Security, Security+, CISSP
• Knowledge of TCP/IP, encryption fundamentals, firewall/VPN/IPS systems, vulnerability management, mobile device management, etc.
• Deep understanding of the Microsoft Cybersecurity Reference Architecture
• Demonstrated experience implementing and operationalizing Microsoft security services and technologies.
• Demonstrable experience implementing zero-trust controls and principles, including conditional access and related policies.
• Knowledge of Window/Mac/Linux operating systems
• Knowledge of current and emerging threats
• Knowledge of ITSM & certification inI TIL v3is desirable
• Knowledge of Forit net and Meraki equipment
• Knowledge of Azure and AWS cloud services
• Knowledge of information security standards such as NIST, ISO 27001, and CIS
• Excellent written and oral communication skills
• Excellent ability to communicate complex topics and ideas to a wide variety of audiences
• Ability to work independently and within a team environment
  At De Havilland Aircraft of Canada (DHC), we are committed to protecting our people, customers, shareholders and the public through Health & Safety Excellence. As such, it is expected that all employees maintain strict adherence to Health & Safety Policies and to perform key physical tasks of the position described in the job description and interview process. This may include but is not limited to the ability to work in a variety of environmental conditions including temperature extremes, confined spaces, working at heights and with or around chemicals. Employees are expected to adhere to the use of personal protective equipment (PPE) when at work which must include but is not limited to the ability to maintain a positive fit test when mask use is required.
  At De Havilland Canada, we aim to be inclusive and diverse and provide equal opportunity for employment. All qualified applicants, regardless of gender, age, race, religion, sexual orientation, and disability, are encouraged to apply. De Havilland will accommodate the needs of applicants with disabilities throughout all stages of the selection process. If you need accommodation during the recruitment process, please advise your Talent Acquisition representative. Information relating to the need for accommodation and accommodation measures will be addressed confidentially.
  Any offer of employment is conditional on the completion of positive and satisfactory background checks, which may include, proof that you are legally entitled to work in Canada, professional references, verification of employment history, verification of educational background and criminal background checks

• Vulnerability Management
• Works with various technical leads and system/network administrators to better understand and mitigate risks in their environments.
• Identifies areas of risk in our and third-party systems that may lead to the possibility of being attacked or harmed and classifies these risks based on a wide variety of criteria such as risk ratings, criticality, availability of exploit code, ease of exploitation, results of a successful exploitation, required expertise etc.
• Remediates vulnerabilities by working with appropriate system and service owners to ensure they have a complete picture of where their risk exists and a reasonable plan to address these risks.
• Vulnerability Management
• Works with various technical leads and system/network administrators to better understand and mitigate risks in their environments.
• Identifies areas of risk in our and third-party systems that may lead to the possibility of being attacked or harmed and classifies these risks based on a wide variety of criteria such as risk ratings, criticality, availability of exploit code, ease of exploitation, results of a successful exploitation, required expertise etc.
• Remediates vulnerabilities by working with appropriate system and service owners to ensure they have a complete picture of where their risk exists and a reasonable plan to address these risks.
• Security Incident Response
• Acts as a first responder for detected system breaches and account compromises by assessing the situation and determining the appropriate points of follow-up or escalation
• Ensures forensic integrity and chain-of-custody is maintained for all analyzed media, devices and resources involved in a potential breach or compromise
• Provides technical security subject matter expertise to third party law enforcement agencies
• Act as the internal subject matter expert, working with both the business, and any third party security response companies as required.
• Security Infrastructure Management (Firewalls/VPN/IPS)
• Upgrades firewall and VPN operating systems and associated software to ensure current code releases and bug fixes are implemented
• Maintains the base configuration image and documentation for firewall and VPN deployments.
• Builds and develops custom threat signatures to keep pace with emerging threats as required
• Development and implementation of an Intrusion Prevention and Detection deployment, as well as third-party intelligence gathering technologies
• Education and Awareness
• Present on various security topics to a wide range of organizational audiences as required
• Liaison with other units, roles, and individuals throughout organization to develop effective security related training
• Other
• Participate in after-hours and weekend requests for assistance with security related duties
• Troubleshoots unexpected or unplanned outages and works with other members of IT to see the incident through to completion
• Other duties are assigned.