Security Analyst

A little about us
At Shaw, we’re proud to be leaders in a movement that brings Canadians the connectivity they need to fuel their lives. We’re making bold moves to connect Canadians and we’re always on the lookout for go-getters that are committed to disrupting the status quo. Does that sound like you? We’d love to meet you.
The role
Shaw Communications is currently seeking a Security Analyst to join their team. The successful candidate will be an integral member of the Cyber Security team. Reporting to the Manager, Cybersecurity Architecture the successful candidate will be focused on conducting enterprise wide vulnerability posture management and security compliance monitoring of on-premise and in-cloud assets.
A typical day

• Support the vulnerability assessment solution and its proper integration with data sources and reporting tools
• Ensure all IT assets in scope properly integrated into vulnerability assessment system and are assessed as required by the policy and standard
• Validate the vulnerability assessment data for its accuracy, actuality, and being current
• Customize reports as needed to focus the remediators on the most critical vulnerabilities and policy deviations
• Working closely with peer Security Architects, Cyber Intelligence, and other Enterprise Security and IT teams to improve vulnerability posture of the organization
• Participating in Threat Risk Vulnerability Assessments to determine criticality of vulnerabilities and the risk exposure to help with setting priorities
• Develop and execute automated remediation activities for patching and continuous hardening of images and systems to adhere to the security policy and standards
• Provide daily, ongoing support for cloud security operations, including assessing security impact of proposed modifications, additions, and technology refresh operations
• Maintain and configure cloud security posture monitoring and reporting tools and respond to incompliance
• Support CASB solution and respond to incompliance detection
• Effectively liaise and communicate with the cloud operations group, internal

customers, security operations center regarding critical vulnerabilities posting and emerging threats targeting cloud-based information assets Your skills/experience

• Minimum of 5+ years of directly related cyber security experience with 2+ years of the Vulnerability Management experience.
• Certifications in one or more of the following: CISSP (Certified Information Systems Security Professional), CCSP (Certified Cloud Security Professional), certification in Amazon AWS would be an asset.
• Expert knowledge of vulnerability assessment tools such as Rapid7, Qualys, Nesus, or else.
• Diverse understanding of hacker methodologies and technics used to exploit system vulnerabilities.
• Experience in configuration of network scans in large organizations, analyzing the results, and reporting to the remediators and management.
• Experience working with cloud security and governance tools, cloud access security brokers (CASBs), and server virtualization technologies.
• Knowledge of specifics to compliance and vulnerability posture management of the cloud-based asset
• Ability to be successful in a dynamic and transformational organization.
• Canadian government security clearance would be beneficial.
• Excellent verbal and written communication skills.

Other details

• Successful candidate will be required to successfully complete background and credit checks
• Successful candidate may be requested to provide evidence of completion of educational and/or credentials

Shaw Communications, through its third-party vendor, collects and stores information applicable to the candidate profile you create when you submit the information asked for below. The use and disclosure of the collected information is for the sole purpose of job search and placement activities for Shaw Communications. The information is subject to Personal Information Protection and Electronic Documents Act. The information will be retained and when disposed of, it is done so in a secure manner. Your profile will become inactive and moved to the archive if you do not access your profile for a period of 1 year.