Sr. IT Security Analyst
UBC · United States · 3 days ago
RemoteRemoteInformation TechnologyFull-time
Job Responsibilities
- Ensure security controls are deployed, operating effectively, and aligned with organizational security policies and standards.
- Monitor, review, analyze, and respond to security alerts generated from various security platforms.
- Tune and optimize security alerts to reduce false positives and improve detection effectiveness.
- Ensure assets are properly onboarded and reporting into required security monitoring and vulnerability management tools.
- Lead and support the vulnerability management lifecycle, including:
- Conducting regular vulnerability scans using automated tools,
- Analyzing scan results and prioritizing findings based on risk,
- Working closely with infrastructure, application, and development teams to remediate vulnerabilities and validating fixes,
- Perform and manage web application security scans, interpret findings, and provide clear remediation guidance to development teams.
- Absorb and respond to emerging threats, vulnerabilities, or risks relevant to the organization.
- Participate in incident response activities, including identification, containment, eradication, and recovery efforts.
- Assess, develop, and apply updated or strengthened security measures to respond to changing threats, regulatory and business requirements, enhancing both cloud and on-premises security posture.
- Work with IT, engineering, and business teams to develop, review, and implement secure configurations, standards, and policies.
- Assists project teams in the implementation of security measures to meet UBC cybersecurity policies and external governances, e.g., HIPAA, GDPR, CCPA.
- Maintain accurate and up-to-date security documentation for systems, applications, and processes.
- Collaborate with other security team members on security initiatives and best practices.
- Support annual security initiatives and defined deliverables aligned with the organization’s security roadmap.
- Participate in special projects and perform additional duties as assigned.
Desired Skills And Qualifications
- Bachelor’s degree in computer related field, or 4 – 6 years equivalent experience.
- 3 – 5 years of relevant working experience, preferably in IT Security.
- Certification in Information Security (GIAC - GSEC, Security+, CISSP, CompTIA CySA+ or equivalent) preferred.
- Strong understanding of information security principles and frameworks.
- Strong experience in vulnerability management, including scanning, remediation coordination, and verification.
- Hands-on experience with automated vulnerability scanning tools, including web application scanning solutions.
- Familiarity with web application security concepts (i.e., OWASP Top 10) and common attack techniques.
- Understanding of domain structures, user authentication, and digital signatures.
- Experience with various on-premises and cloud security controls and systems (i.e., MS Intune, MS ATP, MS Purview, Active Directory, IAM).
- Strong documentation and communications skills.
- Experience in research and analysing findings.
- Experience as part of an incident response team.
- Digital Forensics experience is a plus.
- Programming and scripting experience is a plus.
- Experience with cloud architecture is a plus.
- Experience or comprehension of AI tools and various uses is a plus.
- Demonstrated ability to coordinate with various teams for project/activity completion, work in a team environment, sharing workloads and responsibilities.
- Ability to work in a flexible environment where requirements and procedures continuously evolve.
- Ability to multi-task and manage time effectively.
- Flexible hours, with availability for after-hours support as needed.
- Participate in on-call rotation to respond to security alerts as needed.
Benefits
- Competitive salaries
- Growth opportunities for promotion
- 401K with company match
- Tuition reimbursement
- Flexible work environment
- Discretionary PTO (Paid Time Off)
- Paid Holidays
- Employee assistance programs
- Medical, Dental, and vision coverage
- HSA/FSA
- Telemedicine (Virtual doctor appointments)
- Wellness program
- Adoption assistance
- Short term disability
- Long term disability
- Life insurance
- Discount programs