Title: IT Security Analyst
CBN is looking for an IT Security Analyst to grow our IT security team. We are a small, dynamic, results driven team tasked with securing CBN.s IT. We strongly believe in investing in our employees and you will enjoy full support for training, certification, and conferences. You will enjoy flexible hours and free time to develop your tools or hone your skills.
Our Interview Process
In order to ensure a candidate is a good fit for our team we have a heavy focus on technical testing during the interview process. An IT Security Analyst requires a strong understanding of operating system and network fundamentals in addition to IT security controls and digital forensics. Candidates can expect technical tests in one or more of the following domains:
- Windows fundamentals,
- Linux fundamentals,
- dead box forensics/network forensics,
- penetration testing,
- binary analysis,
- and application security testing.
Technical tests are arranged in real world scenarios where candidates are provided access to tools, workstations, and the Internet. In addition to technical testing knowledge tests may be applied in traditional (no Internet access) format.
As an analyst you will be responsible for implementation and maintenance of IT security monitoring and detection controls. You will be required to participate in incident response and help develop and automate incident response processes. You will also be responsible for internal penetration tests and IT security audits.
Duties and Responsibilities
- Implement and maintain IT security monitoring and detection controls. Automate analysis and event detection processes using scripting and web services.
- Monitor and review security events from SIEM.
- Participate in incident response process including digital forensics and malware analysis.
- Perform internal penetration tests and IT security audits.
- Review, research, and recommend IT security controls.
- Bachelor.s degree or college diploma in Information Systems, Computer Science, or related field; or equivalent work experience.
- 2+ years of experience directly in the IT security field or 4+ years of IT experience with some focus on IT security
- Strong knowledge of Linux and Windows OS
- Strong knowledge of network communication fundamentals (TCP/IP).
- Basic scripting experience; web service development experience a plus.
- Ability to work in high pressure results driven environment.
- Driven need to automate everything.
- Experience with IDS technology such as Snort and supporting analysis tools like Wireshark, Scapy, Hping, etc.
- Experience with Splunk .
- Experience with incident response process including digital forensics.
- Experience with security auditing and or penetration testing.
- Experience with Nmap, Nessus, and or backtrack tool set is an asset.
Nice to Have
- Familiar with OWASP top 10 and application security testing tools.
- Experience with ZAP or Burp is an asset.
- Experience with malware analysis and reverse engineering tools such as OllyDBG, IDA, Cuckoo, etc.
- GSEC, GCFA, GFCE, GPEN, CEH
We thank all applicants for their interest in Canadian Bank Note Company, Limited. Due to the high volume of candidates that apply for our career opportunities, we can only respond to individuals that are selected for interviews.