IT Security Analyst

This competition is an internal expression of interest opportunity as part of the Service Excellence Transformation initiative and is restricted to NASA salaried university employees (Regular and Auxiliary Salary) currently employed with the university or within a current notice period. Applicants must demonstrate that they have recent and relevant experience performing some or all of the duties sought through the advertisement they are expressing interest in.  Please indicate your internal status using the "Advertisement" drop down menu when applying.

This position offers a comprehensive benefits package which can be viewed at: Faculty & Staff Benefits .

Reporting to the Team Lead, Security Operations, the IT Security Analyst is responsible for the operation, application, investigation, and enforcement of IT Security systems and policy for the University of Alberta.  The incumbent will be responsible for a wide range of technologies including firewalls, intrusion detection systems, remote access and vulnerability management tools to ensure the availability, integrity and confidentiality of University data and technical resources.  The IT Security Analyst will have a broad understanding of network, server and workstation security concepts and be able to effectively communicate them to a wide variety of audiences. They will provide input and assistance to the Chief Information Security Officer strategy on campus wide initiatives and provide security subject matter expertise to all faculties, departments and units at the University of Alberta.

Duties

Vulnerability Management

• Works with various technical leads and system/network administrators to better understand and mitigate risks in their environments. 
• Identifies areas of risk in University and third-party systems that may lead to the possibility of being attacked or harmed and classifies these risks based on a wide variety of criteria such as risk ratings, criticality, availability of exploit code, ease of exploitation, results of a successful exploitation, required expertise etc.
• Remediates vulnerabilities by working with appropriate system and service owners to ensure they have a complete picture of where their risk exists and a reasonable plan to address these risks.

Security Incident Response

• Acts as a first responder for detected system breaches and account compromises by assessing the situation and determining the appropriate points of follow-up or escalation
• Ensures forensic integrity and chain-of-custody is maintained for all analyzed media, devices and resources involved in a potential breach or compromise
• Provides technical security subject matter expertise to third party law enforcement agencies

Security Infrastructure Management (Firewalls/VPN/IPS) 

• Upgrades firewall and VPN operating systems and associated software to ensure current code releases and bug fixes are implemented
• Works with various stakeholders across campus to consolidate firewalls to the IST managed central firewall and VPN service
• Maintains the base configuration image and documentation for new firewall and VPN deployments.
• Builds and develops custom threat signatures to keep pace with emerging threats as required 
• Maintains all aspects of the Intrusion Prevention and Detection deployment, in-house developed plaintext password sniffer, as well as third-party intelligence gathering technologies including network taps, and network security monitoring servers and software

Anti-malware Systems

• Maintain campus wide network, endpoint and sandbox based anti-malware systems
• Integrate anti-malware systems with newly acquired security technologies to increase points of visibility into the campus network
• Review anti-malware alerts to determine potentially compromised devices and follow-up with the appropriate system owner
• Review malware samples to determine false positives or false negatives and action accordingly
• Review behavioural detections and indicators to determine if a potential compromise has happened

Education and Awareness

• Present on various security topics to a wide range of campus audiences as required
• Liaison with other units, roles and individuals throughout campus to develop effective security related training

Other

• Participates in the Security team's weekly 24/7 on-call rotation
• Responds to after-hours and weekend requests for assistance with security related duties
• Troubleshoots unexpected or unplanned outages and works with other members of IST or the University community to see the incident through to completion

Qualifications

• University degree in a related field or 2-year information technology diploma
• Any combination of one or more of the following professional designations is preferred:  CEH, GSEC, OSCP, CCNP Security, Security+, CISSP
• Knowledge of TCP/IP, encryption fundamentals, firewall/VPN/IPS systems, vulnerability management, mobile device management, etc.
• Knowledge of Window/Mac/Linux operating systems
• Knowledge of current and emerging threats
• Knowledge of ITSM  is desirable
• Knowledge of Information Technology Infrastructure Library (ITIL) concepts
• Knowledge of information security standards such as NIST, ISO 27001, and CIS
• Excellent written and oral communication skills
• Excellent ability to communicate complex topics and ideas to a wide variety of audiences
• Ability to work independently and within a team environment

COVID-19 Vaccination: Proof of full vaccination against COVID-19 in compliance with the University’s COVID-19 Vaccination Directive. Fully Vaccinated means a status an individual achieves 14 days after having received the recommended number of doses of a COVID-19 vaccine approved by Health Canada or the World Health Organization, and requires the individual to maintain the recommended number and type of vaccine doses as updated and required by Health Canada thereafter.

Note: Online applications are accepted until midnight Mountain Standard Time of the closing date.

We thank all applicants for their interest; however, only those individuals selected for an interview will be contacted.