As an IT Security Administrator, you will be responsible for assuring the secure operation of Richter’s systems, servers, online or hosted environments and network connections. This includes auditing and log analysis, establishing security operations, maintenance and troubleshooting. This person will also analyze and resolve security breaches and vulnerability issues in a timely and accurate fashion and conduct user activity audits where required. Working with management they will help develop and maintain a complete security framework designed to better protect the firm from security threats.
A week in a life of an IT Security Specialist:
Develop, implement, maintain, and oversee enforcement of policies, procedures, and associated plans for system security administration and user system access based on industry-standard best practices.
Design, implement, and report on security system and end user activity audits
Assess need for any security reconfigurations and execute them
In collaboration with the network operations team deploy, manage, and maintain all security systems and their corresponding or associated software, including firewalls, intrusion detection systems, cryptography systems, and security software.
Manage connection security for local area networks, the company web site, the company intranet, and e-mail communications.
Manage and ensure the security of applications, databases and data transferred both internally and externally.
Perform penetration testing of all systems to identify system vulnerabilities.
Monitor server logs, firewall logs, intrusion detection logs, and network traffic for unusual or suspicious activity. Interpret activity and make recommendations for resolution.
Maintain the disaster recovery plan for operating systems, databases, networks, servers, and software applications.
Recommend and apply fixes, security patches, disaster recovery procedures, and any other measures required in the event of a security breach.
Interact and negotiate with management, vendors, outsourcers, and contractors to obtain protection services and products.
Provide Security Awareness training and documentation for the firm and IT team
What we are looking for:
7+ years of experience in the field of information security with strong technical background.
CISSP and any GIAC certification or similar certification desirable
Good communication and documentation skills in both English and French (Strong asset)
Broad hands-on knowledge of firewalls, intrusion detection systems, anti-virus software, data encryption, and other industry-standard techniques and practices.
In-depth technical knowledge of network, PC, and platform operating systems, including the Windows Operating system and Linux open source software
Strong knowledge of TCP/IP and network administration/protocols.
Hands-on experience with network devices such as switches and routers.
Knowledge of applicable practices and laws relating to data privacy and protection for Canada (Ontario, Quebec)
Keep current with emerging security alerts and issues.
Keep current on emerging products, services, protocols, and standards in support of security enhancement and development efforts.
Intuition and keen instincts to pre-empt attacks.
High level of analytical and problem-solving abilities.
Strong interpersonal and oral communication skills.
Ability to effectively prioritize and execute tasks in a high-pressure environment.
Able to work in a team-oriented, collaborative environment.
Provide on-call security support