The Capital Regional District (CRD) is the regional government for 13 municipalities and three electoral areas on southern Vancouver Island and the surrounding Gulf Islands, serving more than 432,000 people.
Our administrative boundaries span the Traditional Territories of many First Nations, all of whom have a long-standing relationship with the land and waters from time immemorial that continues to this day.
We value the diversity of the people we hire and serve. In our commitment to bring differing perspectives to our workplace, and to deliver the best possible service to our customers, we encourage and welcome applications from all people with diverse backgrounds, abilities, and lived experiences.
The Security Analyst is responsible for monitoring, analyzing, and responding to security alerts and events from CRD systems and users. Working with the Manager, IT Security, the Analyst is responsible for the support and maintenance of technologies to uphold security operations of the CRD. The primary objective of the role is the analysis and categorization of alerts or other events, including ongoing maintenance and configuration of systems, policies, and tools, as well as assisting with the design and integration of new technology-focused tools and applications from a cybersecurity perspective.
Typical Duties and Responsibilities
People working in this role can expect to be responsible for performing the following duties. This list is not meant to be comprehensive and other related duties similar in scope and complexity may be performed.
- Monitor the CRD technology landscape for security incidents, unusual activity, and events.
- Monitor security events and alerts utilizing security response tools such as EDR, SIEM, IDS/IPS, email security, user reports and others.
- Perform security investigations as required using threat intel sources.
- Perform post-event analysis of security incidents and create reports.
- Run vulnerability scans, report findings, and work collaboratively with IT application and infrastructure teams to action vulnerability findings.
- Perform threat hunting activities as required using threat intel sources.
- Perform risk assessments and compliance reporting including cloud security.
- Perform penetration tests, TTEs and other red team exercises.
- Assist in development and promotion of security best practices.
- Install and integrate security software and devices.
- Maintain and operate security software and devices.
- Participate in Incident Response and Disaster Response planning and testing.
- Work with other IT teams to ensure security systems are maintained and integrated.
- Conduct forensic analysis of security incidents as required.
- Follow all policies, procedures and standards of the CRD.
- Perform other related duties as required.
- A Degree in Computer Science or Information Technology, with a focus on Cybersecurity, with five years' experience including hands-on experience working as an IT systems administrator, network engineer or an equivalent combination of education and experience.
Preference may be given to those carrying the following certifications: CompTIA Security+, Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), GIAC Security Essentials (GSEC), Offensive Security Certified Professional (OSCP) and SANS GIAC Information Security Fundamentals (GISF).
Knowledge, Skills and Abilities
To be successful at the CRD, candidates should have a shared understanding of our Cultural Traits and Statement of Reconciliation with Indigenous peoples. Additionally, ideal candidates would possess the following role-specific knowledge, skills and abilities:
- Knowledge of security principles and best practices
- Familiarity with security tools and technologies such as: Security Information and Event Management (SIEM) systems, Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), firewalls, Endpoint Detection and Response (EDR) and Antivirus (AV) systems, Network Access Control (NAC) systems, Data Loss Prevention (DLP) systems, vulnerability scanners, red team/penetration testing tools, and security education and awareness platforms.
- Knowledge of networking protocols and technologies
- Familiarity with operating systems such as Windows, Linux, and macOS
- Experience with virtualization technologies such as VMware or Hyper-V
- Familiarity with cloud computing platforms such as AWS or Azure
- Experience with scripting languages such as Python or PowerShell
- Familiarity with web application security concepts such as OWASP Top 10
- Familiarity with Cybersecurity Frameworks such as NIST, ISO27001/27002, etc.
- Strong assessment and problem-solving skills, including attention to detail, ability to research, analyze, interpret and summarize issues.
- Excellent verbal and written communication skills and ability to maintain good working relationships with professionalism, tact, confidentiality, and discretion.
- Ability to excel in a dynamic environment, including working under pressure with unpredictable variables and meeting deadlines.
- Willingness to learn and keep skill set current with the latest security trends and threats.
- Ability to occasionally adjust hours of work to respond to operational requirements.
To apply for this exciting opportunity, please visit www.crd.bc.ca and submit your application on our careers page.
We welcome all qualified applicants to apply and may consider a combination of experience, education and/or training where possible.