Security Analyst (ID#5127)

New Value Solutions, a national IT consulting company, is seeking knowledgeable and experienced Security Analyst(s) to support cybersecurity operations and incident response for a government client. As part of a cross-functional team of IT consultants, staff, and business leaders, you will help safeguard systems, data, and services by assessing threats, responding to incidents, and ensuring compliance with established security policies and standards.

Responsibilities:

• Manage the security incident queue in ServiceNow and follow incident response plans to address potential threats.
• Analyze the potential impact of new threats and communicate risks to relevant business units.
• Create and maintain operational reporting artifacts (e.g., Risk Management Decision Items, incident reports, HR investigations, lost/stolen reporting).
• Compile and analyze data for management reporting and metrics.
• Collaborate with CSRMB to design and execute security awareness campaigns; research needs and trends to anticipate potential incidents.
• Respond to security incidents, engage appropriate stakeholders, and perform root cause analysis.
• Coordinate efforts among multiple business units during incident response.
• Support and monitor phishing simulation exercises, including targeting, tracking, and reporting.
• Respond to and resolve Privileged Access Management (PAM) activities and service requests within defined SLAs using ServiceNow.
• Recommend improvements to incident response processes and procedures.
• Stay informed on emerging cybersecurity threats, trends, and best practices.

Requirements:

• Minimum 5 years of experience in the IT sector within cybersecurity or networking.
• Demonstrated experience with:
• Network security and protocols (TCP/IP, VPN, firewalls, IDS/IPS)
• Security tools/platforms (e.g., SIEM systems like Sentinel, antivirus, vulnerability scanners)
• Operating systems (Windows, Linux)
• Incident detection, investigation, and mitigation
• Risk assessment and management techniques
• Compliance/regulations (ISO 27001, NIST, privacy legislation)
• Scripting/automation (Python, PowerShell, Bash)
• Certifications such as CompTIA Network+/Security+, CISSP, CEH, or GIAC GSEC are considered assets.
• Experience with penetration testing and ethical hacking is an asset.
• Bachelor’s Degree in Computer Science, Information Technology, Cybersecurity, or a related field is an asset.
• Must be able to work in Canada.

If you have this expertise and are able to work in Canada, please submit your resume. While we thank all candidates in advance for their application, only those candidates who are shortlisted will be contacted.

ID# 5127