IT Security Analyst
Do you want to work for one of BC’s Top Employers for 2021 and join an innovative, technology-driven and growth-focused organization?
LandSure Systems Ltd. (LandSure) is looking for an IT Security Analyst to join our team.
Who we are:
LandSure is a subsidiary of the Land Title and Survey Authority of British Columbia (LTSA), a publicly accountable, statutory corporation that manages BC’s land title and survey systems. Our team of more than 70 employees supports the LTSA through information system consulting services, project management, customer support, and communications.
We offer meaningful work in the public interest. In support of the Province’s 30-point housing plan, LandSure has helped the LTSA build and launch the Condo and Strata Assignment Integrity Register as well as the Land Owner Transparency Registry, a first-of-its-kind registry.
We offer an innovative, performance-driven culture. We have helped the LTSA become a leader in automated property registration and through technology, we are reducing turnaround time for customers and improving the consistency, accuracy and efficiency of the LTSA’s services. We also build and manage innovative products such as ParcelMap BC and AUTOPROP, which support access to information for the land and real estate sectors.
We offer balance. LandSure provides employees with the ability to work for a stable, independent, values-driven technology company. The environment is entrepreneurial, innovative, and fast-paced yet supportive. Our culture is of mutual respect, constantly improving our professional and personal skills, and celebrating our accomplishments.
What you'll do:
Reporting to the Manager, Systems & Information Security, the IT Security Analyst will be the main point of security escalations, provide subject matter expertise on how to improve our security program, and ensure cybersecurity best practices adhering to corporate policies and procedures.
Key responsibilities of the IT Security Analyst are to:
- Assist in developing, implementing and maintaining the Information Security Program policies, procedures and practices
- Monitor for attacks, intrusions and unusual, unauthorized or illegal activity
- Validate security events generated from SIEM and logs from feeding subsystems such as Firewalls, Domain Controllers, Servers, PCs, laptops, Office365, AWS, IDS, etc.
- Complete security assessments and privacy impact assessments on information systems, SaaS, and business processes
- Implement and monitor progress of remediation plans
- Collaborate with system administrators to ensure that appropriate controls are installed, operating properly, in accordance with the corporate policies. Conduct periodic audits
- Conduct vulnerability assessments and system hardening
- Ensure compliance to required corporate security standards, procedures, guidelines and processes
- Participate in audits related to security and compliance
- Respond to critical business impacting situations and coordinate the efforts required to engage the proper resources to remediate the issue
- Act as a member of the escalation team for the Information Security Incident Response Plan
- Assist in delivering quarterly phishing campaigns
- Administer security awareness training for onboarding and existing employees
We encourage you to apply if you have:
Education and Experience
- Diploma or Bachelor's degree in Computer Science
- Certified Information Systems Security Professional (CISSP) designation
- 3+ years of progressive experience in an information security role plus a strong background (5+ years) in an information system or network administration role
- A certification in one or more of the following is desirable:
- Certified Cloud Security Professional (CCSP)
- Certified Information Systems Auditor (CISA)
- Certified Information Security Manager (CISM)
- Cybersecurity Practitioner Certification (CSX-P)
- ISO 27001 Lead-Audit
Knowledge, Skills and Abilities
- Must have strong interpersonal, problem-solving, and conflict-resolution skills
- Must have the ability to multitask and work with careful attention to detail
- Must have excellent oral and written communication skills in English
- Demonstrated ability to engage and collaborate with employees, presenting a friendly, approachable demeanor to leverage security to help others succeed
- Working experience in the following areas: incident response, system, application and network security, vulnerability management, threat modelling, penetration testing, web and network protocols, intrusion detection, firewalls, and encryption technologies and AV/EDR
- Practical and operational experience with cyber security services and tools (Rapid7, CloudFlare, Imperva, AWS Security Services, Azure Security Services, etc.)
- Knowledge and experience working with various information security frameworks (ISO/IEC 27001, NIST 800-53, COBIT5, etc.) and regulatory frameworks (FIPPA, PIPA, SOX, PCI-DSS 3.2, HIPAA, GDPR, etc.)
- Working knowledge and hardening skills on information technologies including Linux, Windows, VMWare, MySQL, MSSQL, IBM DB2, etc.
- Working knowledge of network protocols, DNS, DHCP, and networking devices (routers, VPNs, proxies, firewalls)
- Working knowledge and hardening skills on Cloud technologies including AWS and Azure
The LTSA operates critical systems that underpin BC’s private property market, civil justice system, taxation and Crown land management frameworks. Ensuring we hire properly qualified and suitable candidates is necessary for the programs and activities of the LTSA and LandSure. As part of our hiring process, we will request that a candidate supply certain personal information so that we may conduct identity, reference, education and credential verification, and criminal record checks. Credit bureau inquiry checks may also be conducted for certain positions. As a public body, the LTSA is authorized to collect personal information under section 26(c) of the Freedom of Information and Protection of Privacy Act (FIPPA).