Job Description

Role impact:

The Senior Information Security Analyst is responsible for the identification, investigation, and resolution of security events; as well as for conducting vulnerability audits and taking timely action to remediate findings. They are involved in the design, configuration, and implementation of security solutions. They are also accountable for the creation and maintenance of standards, baselines, guidelines, and procedures. The Senior Information Security Analyst is expected to be fully aware of the enterprise\xe2\x80\x99s security goals as established by its stated policies, procedures, and guidelines and to actively work towards upholding and further developing those goals to improve CF\xe2\x80\x99s Information Security maturity level.

What you will deliver:

• Work with Managed Security Services Providers (MSSP\xe2\x80\x99s) to manage the security configuration and operation of managed security technologies; respond in a timely manner to escalated security incidents and work with external and/or internal stakeholders to provide timely resolution.
• Review (and/or oversee the monitoring of) logs and reports of existing systems; interpret the implications of identified activity and devise plans for appropriate resolution.
• Participate in the design and execution of vulnerability assessments, penetration tests, security audits, and remediation of identified vulnerabilities.
• Participate in the planning and design of enterprise security architecture; maintain and improve configurations of security solutions for efficient and appropriate operations.
• Participate in the creation of enterprise Information Security documents (policies, standards, baselines, guidelines, and procedures).
• Compile metrics related to the Information Security program, analyze threat trending, and develop a mitigation strategy to minimize identified risks.
• Participate in the planning and design of an enterprise Business Continuity Plan and Disaster Recovery Plan
• Recommend new security solutions or enhancements to existing security solutions to improve overall enterprise security posture
• Participate in the deployment, integration, and security configuration of new IT solutions and of any enhancements to existing IT solutions in accordance with standard best operating procedures and the enterprise\xe2\x80\x99s security standards.
• Maintain up-to-date baselines for the secure configuration and operations of IT systems, whether they be under direct control (i.e., security tools) or not (i.e., workstations, servers, network devices, etc.).
• Maintain up-to-date detailed knowledge of the Information Security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.
• Identification, investigation, and resolution of security events
• Design, configuration, and implementation of security solutions.
• Supporting security audits and managing the remediation of identified vulnerabilities.
• Creation and maintenance of standards, baselines, guidelines, and procedures.
• Taking adequate and timely action to enhance the security posture of the organization

What your strengths are:

• Working knowledge of variety of security technologies in areas of: End Point Protection, IPS/IDS, Malware Protection (Network), SIEM, L7 Firewalls, Digital Certificates, Patch Management, URL filtering, Identity and Access management (IAM), Cloud Security Operations (AWS, Azure, GCP) etc.
• Strong understanding of TCP/IP, IPSEC, SSL/TLS and other network and encryption protocols.
• Strong understanding of all currently supported Windows operating systems; knowledge of Linux distributions is an asset
• Strong understanding of Security Operations in existing Cloud environments (AWS, Azure, GCP)
• Working knowledge of CyberArk platform (IAM) administration in is an asset
• Proven analytical and problem-solving abilities.
• Ability to effectively prioritize and execute tasks in a high-pressure environment.
• Excellent written, oral, and interpersonal communication skills.
• Proven ability to conduct research into Information Security issues and security products as required.
• Proven ability to present ideas in business-friendly and user-friendly language.
• Highly self-motivated; able to work with minimal supervision.
• Keen attention to detail.
• Team-oriented and skilled in working within a collaborative environment.

What you need to succeed:

• Post-secondary education in Computer Science or equivalent combination of education and experience that satisfy the requirements of the position.
• Minimum 5 years of progressive responsibilities in managing security systems, Incident Response, Risk Assessments, Vulnerability Management, Cloud Security Operations (AWS/Azure/GCP), Identity and Access Management, User awareness training, Mobile Device Management (MDM), etc.
• CISSP and other security certificates will be considered as an asset
• This position is expected to perform with minimal supervision.
• Being able to participate in after-hours incident management when needed

Why you should join us:

At Cadillac Fairview we have been transforming communities for over 50 years. We are so much more than our properties. We are building leaders at all levels. We offer the challenge of interesting work, a great organizational culture, the opportunity to collaborate with the best in the business, and support for your growth and development. We reward values-based behavior and superior results with a competitive rewards package that includes best-in-class benefits and pension. Imagine a place where you can make a difference!

At CF our everyday actions and critical business decisions are guided by our CF Values. Achieving results is naturally important for us and we achieve results through behaviours that are consistent with our CF Values.

Are you someone who believes in our values?

• Aim Higher - we strive to exceed expectations
• Own Your Expertise - we empower ourselves and each other
• Collaborate Effectively - we bring the right people together to get the right results
• Engage with Empathy - we objectively consider the needs of others
• Embrace Change - we drive, learn from, and adapt to change

At CF you\'ll join a diverse community and award-winning team where your talent and commitment to excellence are welcomed, valued and respected. We\'re ready to meet you there - are you?

CF is an equal opportunity employer and is committed to creating a diverse and inclusive environment. If you need reasonable accommodation during the recruitment, assessment, and/or selection process, please notify your CF contact or email cfcareers@cadillacfairview.com.

Cadillac Fairview