Aecon Group Inc. is a Canadian leader in infrastructure development, focused on building sustainable projects for future generations. The Jr. Security Analyst plays a key role in supporting daily security operations and advancing the information security roadmap, monitoring environments for security events and addressing vulnerabilities.
Support the day-to-day operations of the information security program
Monitor multiple environments to detect, validate and respond to anomalous activity, security events, or unauthorized access of information assets
Work to promptly resolve tickets related to information security, such as virus/malware infections on desktop, phishing, suspicious network traffic and vendor account reviews
Responsible for conducting vulnerability scans and coordinating all vulnerability remediation from any source (e.g. SAST/DAST scans, network scans, pen tests, etc.)
Actively seek mitigation or closure in identified security risks and gaps
Track security trends/events to provide information on monthly security reporting
Utilize problem solving to find root cause in security incidents
Work collaboratively with other Information Services teams to reach common resolutions and goals
Provide technical support in the areas of vulnerability assessment, risk assessment, network security, product evaluation, incident management and security tool implementation
Conduct security product evaluations, and recommend products, technologies and upgrades to improve Aecon’s security posture
Liaise with security product and service vendors to provide day to day support and monitoring of all networks
Work with our internal Communications and Learning teams to provide security awareness and training materials for a wide range of audiences, which ranges from senior leaders to field staff
Provide management of regular phishing simulations including, but not limited to, selection of templates, launching of campaigns and providing reporting & enforcement of compliance with phishing related policies
Monitor, triage and respond to emails that have been reported by employees as suspicious and potential phishing attacks. Provide monthly metrics related to these reported emails
Support the operational components of incident management, including detection, response, and reporting
Provide 24/7 oversight to security operations as it relates to monitoring and alerting of potential security incidents. Be available at any time to actively manage security incidents once they are confirmed by the Security Operations team
Qualification
Required
A Bachelor's degree in Information Systems, Information Security or related field
1-2 years' experience applying information security principles and practices in an enterprise environment, or 1-3 years of experience supporting information technology
Knowledge of security technologies and tools such as SIEM, IPS, EDR, MDM, web content filters and email security gateways
A good understanding of the business impact of security tools, technologies and policies
Knowledge of Windows and Linux operating systems, and network protocols
Experience troubleshooting technical issues, with excellent analytical and problem-solving skills
An ability to manage multiple tasks with minimal supervision
Excellent reporting skills, with demonstrated ability to create reports
Strong verbal, written and interpersonal communication skills
Preferred
Working towards CISSP and/or Security+ certifications would be an asset
Benefits
Services needed to support your mental, emotional, and physical well-being
Aecon University and Leadership Programs
Equity, Diversity & Inclusion training
Aecon Women in Trades and Aecon Diversity in Trades programs
Employee Resource Groups (ERGs)
Aecon Group Inc. (TSX: ARE) is a North American construction and infrastructure development company with global experience.
Glassdoor
4.0
Founded in 1877
Toronto, Ontario, CAN
10001+ employees
http://www.aecon.com/
Aecon Group Inc. (TSX: ARE) is a North American construction and infrastructure development company with global experience.