Information Security Analyst

Updated: about 1 year ago
Deadline: 11 $63,663 - $88,722 per year; Feb 09, 2023

This position is a part of the Non-Academic Staff Association (NASA).

This position offers a comprehensive benefits package which can be viewed on our Benefits Overview page.

Location: This role is hybrid, with a mix of remote and in-person work, and is primarily located at North Campus, Edmonton.

Working for the University of Alberta

The University of Alberta acknowledges that we are located on Treaty 6 territory, and respects the histories, languages and cultures of First Nations, Métis, Inuit and all First Peoples of Canada, whose presence continues to enrich our vibrant community.

The University of Alberta is teeming with change makers, community builders, and world shapers who lead with purpose each and every day. We are home to more than 40,000 students in 200+ undergraduate and 500+ graduate programs, over 13,000 faculty and staff, 260,000 alumni worldwide and have been recognized as one of Canada’s Greenest Employers for over a decade.

Your work will have a meaningful influence on a fascinating cross section of people—from our students and stakeholders, to our renowned researchers and innovators who are quite literally curing diseases, making discoveries and generating solutions that make the world healthier, safer, stronger, and more just.

Position Summary

Reporting to the Team Lead, Security Operations, the Information Security Analyst is responsible for the operation, application, investigation, and enforcement of IT Security systems and policy for the University of Alberta. The incumbent will be responsible for a wide range of technologies including firewalls, intrusion detection systems, remote access and vulnerability management tools to ensure the availability, integrity and confidentiality of University data and technical resources. The Information Security Analyst will have a broad understanding of network, server and workstation security concepts and be able to effectively communicate them to a wide variety of audiences. They will provide input and assistance to the Chief Information Security Officer's strategy on campus-wide initiatives and provide security subject matter expertise to all faculties, departments and units at the University of Alberta.

Duties

Vulnerability Management

  • Works with various technical leads and system/network administrators to better understand and mitigate risks in their environments. 
  • Identifies areas of risk in University and third-party systems that may lead to the possibility of being attacked or harmed and classifies these risks based on a wide variety of criteria such as risk ratings, criticality, availability of exploit code, ease of exploitation, results of a successful exploitation, required expertise, etc.
  • Remediates vulnerabilities by working with appropriate system and service owners to ensure they have a complete picture of where their risk exists and a reasonable plan to address these risks.

Security Incident Response

  • Acts as a first responder for detected system breaches and account compromises by assessing the situation and determining the appropriate points of follow-up or escalation
  • Ensures forensic integrity and chain-of-custody is maintained for all analyzed media, devices and resources involved in a potential breach or compromise
  • Provides technical security subject matter expertise to third party law enforcement agencies

Security Infrastructure Management (Firewalls/VPN/IPS) 

  • Upgrades firewall and VPN operating systems and associated software to ensure current code releases and bug fixes are implemented
  • Works with various stakeholders across campus to consolidate firewalls to the IST managed central firewall and VPN service
  • Maintains the base configuration image and documentation for new firewall and VPN deployments.
  • Builds and develops custom threat signatures to keep pace with emerging threats as required 
  • Maintains all aspects of the Intrusion Prevention and Detection deployment, in-house developed plaintext password sniffer, as well as third-party intelligence gathering technologies including network taps, and network security monitoring servers and software

Anti-malware Systems

  • Maintain campus wide network, endpoint and sandbox based anti-malware systems
  • Integrate anti-malware systems with newly acquired security technologies to increase points of visibility into the campus network
  • Review anti-malware alerts to determine potentially compromised devices and follow-up with the appropriate system owner
  • Review malware samples to determine false positives or false negatives and action accordingly
  • Review behavioral detections and indicators to determine if a potential compromise has happened

Education and Awareness

  • Present on various security topics to a wide range of campus audiences as required
  • Liaise with other units, roles and individuals throughout campus to develop effective security related training

Other

  • Participates in the Security team's weekly 24/7 on-call rotation
  • Responds to after-hours and weekend requests for assistance with security related duties
  • Troubleshoots unexpected or unplanned outages and works with other members of IST or the University community to see the incident through to completion

Minimum Qualifications

  • University degree in a related field or 2-year information technology diploma
  • Any combination of one or more of the following professional designations is preferred: CEH, GSEC, OSCP, CCNP Security, Security+, CISSP
  • Knowledge of TCP/IP, encryption fundamentals, firewall/VPN/IPS systems, vulnerability management, mobile device management, etc.
  • Knowledge of Windows/Mac/Linux operating systems
  • Knowledge of current and emerging threats
  • Knowledge of ITSM is desirable
  • Knowledge of Information Technology Infrastructure Library (ITIL) concepts
  • Knowledge of information security standards such as NIST, ISO 27001, and CIS
  • Excellent written and oral communication skills
  • Excellent ability to communicate complex topics and ideas to a wide variety of audiences
  • Ability to work independently and within a team environment

Note: Online applications are accepted until midnight Mountain Standard Time of the closing date.

We thank all applicants for their interest; however, only those individuals selected for an interview will be contacted.


