Job Description

UPEI (University of Prince Edward Island) requires an experienced Information Security Analyst to protect the confidentiality, integrity, and availability of IT (Information Technology) assets and data University wide. The Information Security Analyst will be instrumental in the ongoing maturity of information security procedures and practices.

UPEI ITSS (Information Technology Systems and Services) is responsible for the establishment of and assessment against Information Security architecture policies, standards, and guidelines to ensure that systems are designed, built, implemented, and integrated in a manner that minimizes security and compliance risk while ensuring UPEI\'s organizational needs are met. The Information Security Analyst\'s primary mandate is to protect the confidentiality, integrity, and availability of IT assets and data University wide.

RESPONSIBILITIES:

• Operational administration and maintenance of the university\'s IT security applications and plans
• Performs daily system monitoring of computer systems and networks for issues
• Investigates suspected security issues, identifies root cause, and determines if it was caused by security breach or another incident. Performs initial assessment of exposure scope
• Monitors email systems and responds to \'phishing\' emails and \'pharming\' activity. Provides advice and guidance to staff on issues such as spam and unwanted or malicious emails
• Works independently, with the ITSS team, or with clients and stakeholders, to install security components to protect systems, and information infrastructure, including anti-malware agents, monitoring, and other programs
• Conducts security assessments, including testing of processes, system and application vulnerability testing and risk analysis. Identifies potential weaknesses and offers recommendations to remediate vulnerabilities to ITSS Manager of Network and Infrastructure Solutions
• Provides first level troubleshooting and resolution for security systems including end point security software, third party security systems/applications and cross functional issues requiring collaboration
• Performs operational administration of various security applications including SIEM (Security Incident and Event Management), Email System, Endpoint Anti-Malware, Firewall, and IDS (Intrusion Detection System)
• Works with ITSS management, system and network administrators, and process owners to remediate security issues, and document security incidents
• Change and configuration management
• Upgrades, patches, performance, and usage issues
• Documentation of processes including countermeasures or mitigating controls
• Disaster planning and business continuity
• Assists with the creation, maintenance, and delivery of cyber security awareness training
• Develops security awareness by providing orientation, educational programs, and ongoing communication
• Prepares written technical documentation for processes, procedures, and standards
• Collaborates with other departmental staff regarding cross-functional processes, procedures, and standards
• Assists various internal UPEI client communities with security related questions, issues, and problems
• Liaises with internal UPEI clients to maintain and improve security on a variety of business systems, applications, processes, and procedures
• Actively participates and represents UPEI (ECN PEI) with organizations such as CUCCIO (Canadian University Council of CIOs), CANARIE, ECN, and implement initiatives and programs in which UPEI has agreed to participate

QUALIFICATIONS:

• Undergraduate degree in Computer Science, Information Systems, or a related field. Equivalent working experience will be considered
• Certifications such as CISSP, Security+, or GSEC (GIAC Security Essentials); from ISACA, ISC2, or similar body is considered but not required
• Information Technology recognized training (e.g., OFFSEC, SANS, security vendor) would be an asset
• Minimum 5 years\' experience in Information Technology with at least 3 years\' experience working with security applications. Demonstrated knowledge of IT security principles, practices, technologies, and procedures
• Operational experience with the following: Security Event Monitoring (SIEM), enterprise endpoint management, Web Application Firewalls (WAF), endpoint anti-malware, DLP (Data Loss Prevention) and HIPS, Intrusion Prevention IDP (Identity Provider) security system management
• Demonstrated expertise in the following: Linux administration, Microsoft server administration, networking technologies, M365 security, Azure security, Active Directory/LDAP
• Demonstrated understanding of the following: technical capability of security components, vulnerability assessment, authentication techniques, security attack pathologies, risk assessment procedures, IT auditing practices
• Understanding of the cyber security risks associated with various technologies and ways to protect
• A working knowledge of various security technologies such as network and application firewalls, host intrusion and prevention and anti-virus
• Excellent IT skills, including a passion for cybersecurity, knowledge of computer networks, operating systems, software, hardware, and security
• Ability to work as part of a team and to build strong relationships with staff and other relevant individuals
• Excellent written communication skills, technical report writing is an asset
• Time-management and organizational skills to manage a variety of tasks, prioritize workload and meet deadlines
• Excellent attention to detail, analytical skills, and an ability to analyze complex technical information to identify patterns and trends
• Ability to work under pressure, particularly when dealing with threats and at times of high demand

Application Instructions:

Please submit electronically a cover letter, quoting the competition number, a resume and reference list to be received no later than the closing date via the link posted on the . Applications will not be accepted via email.

If you are unable to apply online, you can drop off your resume to the Human Resources Department, Kelley Building, University of Prince Edward Island, 550 University Avenue, Charlottetown, PEI C1A 4P3, Fax Number (902) 894-2895.

UPEI is committed to equity, diversity, inclusion, and reconciliation and believes in providing a positive learning and working environment where every person feels empowered to contribute. UPEI is committed to the principle of equity in employment and encourages applications from underrepresented groups including women, Indigenous peoples, visible minorities, persons with disabilities, persons of any sexual orientation or gender identity, and others with the skills and knowledge to productively engage with diverse communities. If you require accommodation in any part of the process, please direct your inquiries, in confidence, to our HR Officer, .

University of Prince Edward Island