IT Security Analyst I

at  Calgary Board of Education

MISSION

The Calgary Board of Education (CBE) is the largest school board in western Canada with over 131,000 students and 15,000 employees. Our mission: Each student, in keeping with their individual abilities and gifts, will complete high school with a foundation of learning necessary to thrive in life, work and continued learning. We pride ourselves in the values we hold. Students come first. Learning is our central purpose. Public education serves the common good. The CBE encourages an inclusive and equitable workplace, which supports our diverse student and employee community. We encourage all applicants to join our dynamic, diverse, and collaborative culture and welcome applications from all qualified individuals.
When you apply to the CBE, you can feel good about serving our future leaders and contributing to student success.

EDUCATION AND EXPERIENCE

• A post-secondary degree in Information Technology.
• Minimum of two (2) years of experience in an Information Technology Role with at least one (1) year focussed on Information Security or Cybersecurity.
• CISSP or GIAC SANS (intermediate level or higher) Security certification.
• Direct working experience in Information Security would be a definite asset.
• Networking and computer desktop systems experience is highly desirable.
• Keen awareness of ISO/IEC:27001:2013 highly desirable.
• ITIL certification highly desirable.
• An equivalent combination of directly related post-secondary education and directly related experience may be considered.

DEMONSTRATED SKILLS AND COMPETENCIES

• Working knowledge of the following IT security systems: firewalls, anti-virus, anti-spam, intrusion detection, content filtering, virtual private networks (VPN), and encryption systems.
• Knowledge of desktop and server operating systems (Windows, Linux, Solaris).
• Knowledge of standard network diagnostic equipment, network protocols and traffic analysis. Working knowledge of switches, routers and bridges.
• Familiarity with common attack methodologies, tactics and protocols.
• Good knowledge of Batch and Power Shell Scripting.
• Ability to converse effectively with business users and simplify complex technical concepts for non-technical audiences.
• Ability to establish and maintain effective working relationships with co-workers and clients.
• Strong oral and written communication skills and interpersonal skills.
• Willingness to learn and apply new techniques (business processes, systems, hardware and software).
• Ability to function effectively and independently in high-pressure situations with constantly changing priorities.
• Strong organization skills with ability to prioritize many simultaneous responsibilities.
• Ability to maintain strict level of confidentiality.
• Commitment to continuously learn and grow intellectually.
• Reliable, dependable and trustworthy.
• Personal suitability.

Provides support and assistance to day-to-day IT Security Operations requirements

• Under the supervision of senior information security staff, creates and maintains policy and rule-sets on firewalls, intrusion detection systems, VPNs, unified threat management platforms and other related systems.
• Ensures anti-virus pattern files and engines are up to date.
• Maintains web and content filtering rules and bandwidth policies.
• Ensures that information security components including disk encryption and all cryptographic systems are operational and are performing optimally.
• Monitors systems performance, health and alerts and takes appropriate preventative and corrective actions.
• Follows change control, and testing processes for effecting modifications to information security systems and other related components.
• Participates as a member on Computer Emergency Response Team (CERT) tasked with resolving major system or technology issues.
• Participates as a member of an Emergency Response Team (ERT) assisting a cross functional team with resolving major system or technology issues.
• Monitors Security Alert Bulletins and makes recommendation on severity of vulnerabilities and patch time period.
• Monitors product and security bulletins for vulnerabilities and to ensure updates such as security patches, hot fixes, cumulative updates, and Service Packs are applied in a timely fashion, to meet security and functionality requirements.
• Schedules, tests and conducts patching activities.
• Performs vulnerability scanning and ‘hardening’ activities to secure systems and applications by reducing or eliminating vulnerabilities and/or possible avenues for attacks.
• Assists senior information security staff with training and security awareness activities

Provides support and assistance to day-to-day IT Security Operations requirements

• Under the supervision of senior information security staff, creates and maintains policy and rule-sets on firewalls, intrusion detection systems, VPNs, unified threat management platforms and other related systems.
• Ensures anti-virus pattern files and engines are up to date.
• Maintains web and content filtering rules and bandwidth policies.
• Ensures that information security components including disk encryption and all cryptographic systems are operational and are performing optimally.
• Monitors systems performance, health and alerts and takes appropriate preventative and corrective actions.
• Follows change control, and testing processes for effecting modifications to information security systems and other related components.
• Participates as a member on Computer Emergency Response Team (CERT) tasked with resolving major system or technology issues.
• Participates as a member of an Emergency Response Team (ERT) assisting a cross functional team with resolving major system or technology issues.
• Monitors Security Alert Bulletins and makes recommendation on severity of vulnerabilities and patch time period.
• Monitors product and security bulletins for vulnerabilities and to ensure updates such as security patches, hot fixes, cumulative updates, and Service Packs are applied in a timely fashion, to meet security and functionality requirements.
• Schedules, tests and conducts patching activities.
• Performs vulnerability scanning and ‘hardening’ activities to secure systems and applications by reducing or eliminating vulnerabilities and/or possible avenues for attacks.
• Assists senior information security staff with training and security awareness activities.

Contributes to the development and implementation of IT Security Designs

For simple to moderately complex systems:

• Designs, plans, installs and configures information security components, and complimentary management suites.
• Assists system architects, system analysts, and technology stakeholders in specifying the Information Security components in support of new business systems or enhancements to existing applications or solutions.
• Leads the design, planning and development of security architectures for infrastructure technologies as well as business systems and solutions.
• Collaborates with network engineering, business application, information security server administration and database administration functions to ensure confidentiality, availability, integrity of systems to meet business needs.
• Provides accurate task estimates and timelines as part of work planning.
• Initiates, plans, and coordinates schedules of activities related to major infrastructure upgrades, and changes.
• Creates and maintains thorough documentation for information security components, standards, and tasks.

For complex systems:

• Assists senior information security staff on all of the above.

Supports and conducts IT Security reviews, audits and investigations related to simple to moderately complex incidents and issues

• Performs periodic reviews and audits on devices, applications and systems.
• Analyzes information security systems for anomalies, unusual traffic patterns, Indicators of Compromise (IOC), etc.
• Provides detailed reporting of threats, vulnerabilities, errors, intrusions and other information as required.
• Conducts routine IT security investigations using digital forensics tools. Such investigations would include, but not be limited to inappropriate use of electronic resources, student duty of care incidents, phishing, data breaches, and compromised accounts.
• Liaises with law enforcement on IT Security matters and/or security investigations when authorized.
• Assists senior information security staff with IT Security reviews, audits and investigations related to more complex incidents, and issues.
• Maintains a very high level of confidentiality and demonstrates a very high degree of discretion related to security incidents.
• Documents findings of reviews, audits and investigations in appropriate reports.
• Assists senior information security staff with the documentation and preparation of appropriate reports related to more complex incidents, issues and investigations.

Conducts analyses and assessments related to simple to moderately complex incidents and issues

• Conducts vulnerability assessments using defined practices and tool sets and documents results together with proposed actions for remediation.
• Conducts simple to moderately complex risk assessments.
• Assists senior information security staff with conducting complex system or technology risk assessments.
• Under the direction of the Supervisor of Security Operations, conducts and validates research for the purposes of defining and/or modifying CBE information security policy.
• Under the direction of the Supervisor of Security Operations, conducts and validates research and documents sub-components of CBE’s Disaster Recovery (DR) and Business Continuity Plans (BCP).
• Remains current with trends and issues in the information security industry.

Provides other related IT functions

• Performs other related responsibilities as assigned to meet the purpose and accountabilities of the role.
• Liaises with vendors and external agencies as required.
• Prepares and delivers presentations.
• May be required to participate in a 7x24 on-call rotation based on a predetermined schedule.