Position Analyst II, Security
Department Information Technology Services
Status Staff 100% full-time, Permanent
Start Date As soon as possible after closing date
Salary Scale $5,463.75 - $6,355.60 per month (Staff pay group 12)
Closing Date June 26, 2019
The University of the Fraser Valley (UFV) is nationally recognized for its emphasis on teaching excellence, experiential and applied education, community engagement, and Indigenization. UFV is the school of choice for over 15,000 students. With six campuses and centres, UFV offers undergraduate and graduate programs in the arts, sciences, and professional studies, as well as trades and technology education, university preparation, and continuing education.
At UFV, we are dedicated to changing lives and building community. Our educational goals are to prioritize learning everywhere; be flexible and responsive; collaborate across boundaries; develop local and global citizenship; and integrate experiential learning. A British Columbia “Top Employer”, we are committed to providing a welcoming, inclusive and dynamic learning and working environment that is fair and respectful of everyone. Our culturally diverse employee and student populations reflect the local, national, international and Indigenous communities we serve. If you see yourself as a lifelong member of a community that values and nurtures innovation and creativity, cultivates leadership and citizenship, and where success builds on success, you belong at UFV.
UFV Information Security is responsible for the establishment of and assessment against Information Security architecture policies, standards, and guidelines to ensure that systems are designed and built in a manner that minimizes security and compliance risk while ensuring UFV’s business needs are met. Working with the Information Security Architect, the Security Analyst’s primary mandate is to protect the confidentiality, integrity, and availability of IT assets and data University wide.
· Operational administration and maintenance of the university’s IT security applications and plans.
- Performs daily system monitoring of computer systems and networks for issues.
- Investigates suspected security issues, identifies root cause, and determines if caused by security breach or another incident. Performs initial assessment of exposure scope.
- Monitors email gateways, and responds to 'phishing' emails and 'pharming' activity. Provides advice and guidance to staff on issues such as spam and unwanted or malicious emails.
- Works independently, with the IT Services teammates, or with clients and stakeholders, to install security components to protect systems, and information infrastructure, including anti-malware agents, monitoring, and other programs.
- Conducts security assessments, including testing of processes, system and application vulnerability testing and risk analysis. Identifies potential weaknesses and offer recommendations to remediate vulnerabilities to the Information Security Architect.
- Provides first level troubleshooting and resolution for security systems including, end point security software, third party security systems/applications and cross-functional issues requiring collaboration.
- Performs operational administration of various security applications including, WAF, SIEM, SCCM, SCOM, Email Gateway, Endpoint Anti-Malware, Firewall, and IDS.
- Works with the Information Security Architect, system administrators, and owners to remediate security issues, and document security incidents.
- Change and configuration management.
- Upgrades, patches, performance and usage issues.
- Documentation of processes including counter-measures or mitigating controls.
- Disaster planning and business continuity.
- Assists with the creation, maintenance and delivery of cyber security awareness training.
- Develops security awareness by providing orientation, educational programs, and on-going communication.
- Prepares written technical documentation for processes, procedures and standards.
- Collaborates with other departmental staff regarding cross-functional processes, procedures and standards.
- Assists various internal UFV client communities with security related questions, issues, and problems.
- Liaises with internal UFV clients to maintain and improve security on a variety of business systems, applications, processes, and procedures.
- Undergraduate degree in Computer Science, Information Systems, or related field.
- Certifications such as CISSP, Security+, or GSEC; from ISACA, ISC2, or similar body.
- Information Technology recognized training (e.g.; OFFSEC, SANS, security vendor).
- Minimum five (5) years’ experience in Information Technology with at least three (3) years’ experience working with security applications. Demonstrated knowledge of IT security principles, practices, technologies and procedures.
- Operational experience with the following: Security Event Monitoring (SIEM), enterprise endpoint management, Web Application Firewalls (WAF), endpoint anti-malware, DLP and HIPS, Intrusion Prevention (IDP), firewall management.
- Demonstrated expertise in the following: Linux administration, Microsoft server administration, networking technologies, Active Directory/LDAP.
- Demonstrated understanding of the following: technical capability of security components, vulnerability assessment, authentication techniques, security attack pathologies, risk assessment procedures, IT auditing practices.
- Understanding of the cyber security risks associated with various technologies and ways to protect.
- Working knowledge of various security technologies such as network and application firewalls, host intrusion prevention and anti-virus.
- Excellent IT skills, including a passion for cyber security, knowledge of computer networks, operating systems, software, hardware and security.
- Ability to work as part of a team and to build strong relationships with staff and other relevant individuals.
- Verbal communication skills, including excellent presentation skills.
- An ability to communicate with a range of technical and non-technical team members and other relevant individuals.
- Excellent written communication skills, technical report writing is an asset.
- Time-management and organizational skills to manage a variety of tasks, prioritize workload and meet deadlines.
- Excellent attention to detail, analytical skills and an ability to analyze complex technical information in order to identify patterns and trends.
- Ability to work under pressure, particularly when dealing with threats and at times of high demand.
How to Apply
Direct resume including evidence of appropriate qualifications by June 26, 2019, referring to Posting #2019.147 to:
University of the Fraser Valley
33844 King Road, Abbotsford, BC, Canada V2S 7M8
Tel: (604) 854-4554 Fax: (604) 854-1538 Website: www.ufv.ca
Email resumes to: firstname.lastname@example.org" target="_blank">email@example.com
Shortlisted applicants may be required to undergo a criminal record check. Shortlisted applicants will be required to provide copies of their most recent evaluation summary.
All qualified candidates are encouraged to apply; however, Canadians and permanent residents will be given priority. In an effort to be both environmentally and fiscally responsible, UFV will contact only candidates receiving an interview. We thank all applicants for considering UFV for employment.
UFV is committed to the principle of equity in employment.