The Sr. IT Security Analyst will work out of the Mississauga office and is responsible for Computer Systems & Support, focusing on identifying and analyzing threats and vulnerabilities to Pinchin’s systems and networks.
The Sr. IT Security Analyst will assist with the secure development of Pinchin’s internal web applications and other software development activities. They will also research and recommend actions, tools, systems, and processes to remediate the various threats and vulnerabilities while considering current/future trends.
Pinchin offers a competitive salary and benefits package and a company culture that values an equitable work/life balance. We also contribute to RRSP’s, paid professional development, group employee benefits, paid community involvement, as well as several other benefits.
Conduct penetration tests on business-critical infrastructure and applications to support the organization’s risk management program
Provide quality assurance and technical reviews of deliverables, results and internal documentation (peer review)
Evaluate remediation options and provide consultative support with implementation of remediation steps, standards, and best practices
Provide centralized security governance in the applications development process. Advise software development teams as the security professional within the development process
Coach developers on ways to integrate security tools into their development processes
Advise, analyze, and investigate cybersecurity threats, vulnerabilities, and security incidences. Participate and assist in incident response and forensics activities
Advise the business as a subject matter expert on policies, procedures, standards, and controls regarding cybersecurity
Research, monitor, and analyze security related news and bulletins in relation to the potential impact to Pinchin
Investigate and recommend adoption of emerging application security solutions, tools and processes. Assist in the development of business cases, vision, and detail requirements for security related technologies
Participate in the security audit process (internal and external), as required
Coordinate Internal and external vulnerability scans, audits, and testing
Degree or Diploma in Computer Science, Information Technology, or other IT-related field of study
OSCP certifications preferred
CISSP, CISM or equivalent security certification would be considered an asset
Minimum of 5 years’ experience in analyzing business problems, defining conceptual and detailed security requirements for enterprise applications and information technology
Minimum of 5 years’ experience in enterprise application development and software development lifecycle (SDLC)
Knowledge of the following platforms in an enterprise environment: Microsoft Windows, Solaris, Linux
Knowledge of network and security technologies such as TCP/IP, IDS/IPS, firewalls, LAN/WAN, routing and switching
Experience with delivering penetration tests on both infrastructure and applications in a global environment including scoping, execution, reporting and stakeholder management
Knowledge of AWS and Azure common attack vectors
Experience dealing with technical and business stakeholders throughout all phases of the engagement
Experience in Agile, CI/CD and DevSecOps methodologies and procedures would be considered an asset
Knowledge of programming languages and/or scripting languages (PHP, Perl, Python, Ruby, etc)
Extensive theoretical and technical knowledge of computer security, application defense strategies, application level security, system and network configuration and security, and identity and authentication strategies and technologies would be considered an asset
Experience with analyzing and testing threats and vulnerabilities
Clear and effective written and oral communication skills and the ability to communicate to all levels of internal and external customers including Auditors.
Proven analytical abilities and problem-solving skills
Expert computer skills (MS Office, Visio)
Experience with security tools; Identity Lifecycle Management, authentication technologies, and network monitoring would be considered asset
Pinchin Ltd. is a multidisciplinary consulting firm that has been committed to Environmental Health and Safety for over 35 years and provides a wide range of engineering, building sciences, geosciences, environmental, and occupational health and safety solutions across Canada. We are committed to excellence and dedicated to addressing the needs of our clients.
Take a look to see all Pinchin has to offer: www.pinchin.com/working-at-pinchin
You can also see what our employees have to say. Take a look at our reviews on Indeed: https://goo.gl/7USfE8
To apply for this position, click on the “Apply” button. We appreciate interest from all candidates, but only those invited to interview will be contacted.
Pinchin is committed to fostering an inclusive respectful and accessible environment, for job applicants, employees and customers. Reasonable accommodation will be provided when needed. If you require accommodation due to a disability or medical need during the application process, please contact us at 1-855-746-2446.