Senior Information Security Analyst and SIEM Administrator

Location
Victoria, BC
Details
Full Time
18 days ago
Salary
76,850 to 100,456 per year

The Information Security Office is looking for a Senior Information Security Analyst and SIEM Administrator to join our team within University Systems.  The Information Security Office is responsible for overall coordination and management of the information security program for the university.  In addition to providing additional capacity and expertise to the team for projects, operations, and incident response, this position will help lead the implementation of a SIEM platform as part of a maturing campus-wide information security program.

Our preferred candidate should have experience with some or all of the following:

  • Good understanding of TCP/IP and related network protocols
  • Experience with common open source security tools (Nessus, nmap, Wireshark, Snort, Metasploit, etc.)
  • Experience with security services, such as Disk Encryption, Endpoint Protection, Intrusion Detection/Prevention and Firewalls, Security Event and Incident Management, and Data Loss Prevention
  • Working knowledge of and experience in the environment of information security
  • A Cybersecurity industry certification such as GIAC, CISSP, ISACA, CEH or OSCP
  • Broad knowledge of Windows, Mac, and Linux operating systems
  • Good knowledge and experience using and/or implementing a SIEM in an enterprise environment


The salary range for this position is:

Recruitment range:  $76,850 - $86,493 starting salary determined by the PEA Collective Agreement.

Performance range: starting salary to max of $100,456 is available through annual performance increases

Job Summary

University Systems (http://www.uvic.ca/systems/) serves a diverse client base including students, faculty and world-renowned researchers. We consist of three major units: Academic & Administrative Services, Infrastructure Services, and UVic Online, all working together to provide computing, communications and technology in support of the university's learning, teaching, research and administrative activities. We support high profile research projects and work as part of the BCNET consortium. We exist in a complex work environment where we must effectively navigate complex, cutting edge and ever-changing technology, and information security and privacy issues in order to be the best information systems organization in the Canadian university system.

Reporting to the Manager, Information Security Office, the Senior Information Security Analyst and SIEM Administrator assists in the monitoring and enforcement of information security policy and practice to ensure the confidentiality, integrity, and availability of the University’s Information Resources. The Senior Information Security Analyst and SIEM Administrator works to ensure the operational security of university-wide computing systems and services, and acts as both a trusted advisor/consultant and subject matter expert providing guidance to and collaborating with technical staff and staff in various units throughout the university. This position will oversee Security Incident and Event Management (SIEM) tools and technologies, provide support on SIEM lifecycle, configuration, and tuning management, and will be a subject matter expert and maintainer for SIEM solutions that offer enterprise class log collection, aggregation, and correlation capabilities for a wide variety of platforms. This role uses their knowledge of highly complex information security and systems-related experience to analyze and solve problems. The Manager, Information Security Office, and other senior leaders within University Systems provide guidance and direction on the resolution of more complex issues.

Job Requirements

This position requires a Bachelor's degree in a technical discipline (Computer Science or Computer Engineering preferred) and 5 years' experience working in an enterprise networking environment, and 3 years’ experience in an information security-related function.

An equivalent combination of education, training and experience would be considered.

Essential knowledge and experience requirements include:

  • Good understanding of TCP/IP and related network protocols.
  • Broad knowledge of N-tier computing environments (web applications, database, networking, firewall, etc.)
  • Basic scripting/programming knowledge (e.g. shell scripts, Perl, Ruby, Python, SQL)
  • Broad knowledge of Windows and Mac operating system environments
  • Strong knowledge of the Linux operating system environment
  • Working knowledge of and experience in the environment of information security
  • Experience with common open source security tools (Nessus, nmap, Wireshark, Snort, Metasploit, etc.)
  • Experience with security services, such as Disk Encryption, Antivirus and Endpoint Protection, Intrusion Detection/Prevention and Firewalls, Desktop Management, Security Event and Incident Management, and Data Loss Prevention, is strongly desired.
  • Experience with implementing, managing and using Security Incident and Event Management systems in an enterprise environment.
  • Experience in securing remote-access and mobile computing environments.
  • A Cybersecurity industry certification such as GIAC, CISSP, ISACA, CEH or OSCP

Essential competencies include:

  • Demonstrate the highest standards of ethical conduct in ensuring the confidentiality, integrity, and availability of information resources.
  • Demonstrated trust from peers and supervisors in regards to working with highly-confidential and personally identifiable information.
  • Ability to communicate complex technical concepts to a non-technical audience through written and verbal communication.
  • Ability to work both collaboratively in a team environment as well as independently.

The following criteria are considered an asset:

  • Experience with public sector privacy legislation and regulations (PIPEDA, FIPPA)
  • Experience working in a post-secondary education environment or an organization of comparable size/complexity
  • Experience in delivering training and awareness to end users, and being a spokesperson or ambassador for information security issues.
  • Experience working in environments involving multiple stakeholders.
Category
Information Technology