Senior IT Security Analyst

This is a fully remote position, open to applicants in United States.

📋 Description

• Ensure the deployment and effective operation of security controls, ensuring alignment with organizational security policies and standards.

• Monitor, review, analyze, and respond to security alerts generated from various security platforms.

• Optimize and fine-tune security alerts to minimize false positives and enhance detection capabilities.

• Ensure that assets are properly onboarded and are reporting into the necessary security monitoring and vulnerability management tools.

• Lead and support the vulnerability management lifecycle, which includes: conducting regular vulnerability scans using automated tools, analyzing scan results and prioritizing findings based on risk, collaborating closely with infrastructure, application, and development teams to remediate vulnerabilities and validate fixes, and managing web application security scans, interpreting findings, and providing clear remediation guidance to development teams.

• Monitor threat intelligence feeds and external advisories to identify emerging threats, vulnerabilities, or risks pertinent to the organization.

• Participate in incident response activities, including identification, containment, eradication, and recovery efforts.

• Assess, develop, and implement updated or enhanced security measures to address evolving threats, regulatory, and business requirements, thereby improving both cloud and on-premises security postures.

• Collaborate with IT, engineering, and business teams to develop, review, and enforce secure configurations, standards, and policies.

• Assist project teams in implementing security measures that comply with UBC cybersecurity policies and external regulations, such as HIPAA, GDPR, and CCPA.

• Maintain accurate and up-to-date security documentation for systems, applications, and processes.

• Collaborate with other security team members on security initiatives and best practices, supporting annual security initiatives and defined deliverables in line with the organization’s security roadmap.

• Participate in special projects and undertake additional duties as assigned.

⛳️ Requirements

• Bachelor’s degree in a computer-related field, or 4 – 6 years of equivalent experience.

• 3 – 5 years of relevant work experience, preferably in IT Security.

• Preferred certification in Information Security (GIAC - GSEC, Security+, CISSP, CompTIA CySA+ or equivalent).

• Familiarity with external regulations, such as GDPR, 21CFR part 11, HIPAA, and Sarbanes-Oxley.

• Strong understanding of information security principles and frameworks.

• Significant experience in vulnerability management, including scanning, remediation coordination, and validation.

• Hands-on experience with automated vulnerability scanning tools, including web application scanning solutions.

• Understanding of web application security concepts (e.g., OWASP Top 10) and common attack techniques.

• Familiarity with domain structures, user authentication, and digital signatures.

• Experience with various on-premises and cloud security controls and systems (e.g., MS Intune, MS ATP, MS Purview, Active Directory, IAM).

• Strong documentation and communication skills.

• Experience in research and analysis of findings.

• Experience as a member of an incident response team.

• Digital forensics experience is a plus.

• Programming and scripting experience is a plus.

• Experience with cloud architecture is a plus.

• Familiarity with AI tools and their various applications is a plus.

• Proven ability to coordinate with various teams for project completion, working collaboratively and sharing workloads and responsibilities.

• Ability to thrive in a flexible environment where requirements and procedures are continuously evolving.

• Strong multitasking abilities and effective time management skills.

• Flexible hours, with availability for after-hours support as needed.

• Participate in an on-call rotation to respond to security alerts as required.

🏝️ Benefits

• Competitive salaries

• Growth opportunities for promotion

• 401K with company match*

• Tuition reimbursement

• Flexible work environment

• Discretionary PTO (Paid Time Off)

• Paid Holidays

• Employee assistance programs

• Medical, Dental, and vision coverage

• HSA/FSA

• Telemedicine (Virtual doctor appointments)

• Wellness program

• Adoption assistance

• Short-term disability

• Long-term disability

• Life insurance

• Discount programs