IT Security Analyst
🔍 Denver, Colorado, United States
Grow with the best. Join a smart, creative, and inspired team that works to support operational excellence. The Stantec community unites more than 31,000 employees working in over 400 locations across 6 continents. Our Functional Services Teams (FSTs) include Corporate Development, Finance, Human Resources, HSSE, IT, Legal, Marketing/Communications, Practice Services and Real Estate and Procurement. Bringing together individuals with diverse backgrounds, talents, and expertise, our FSTs are vital to making our Company stronger.
Your Opportunity
The Security Analyst will monitor Stantec's systems daily for signs of intrusion and coordinate with other members of the IT Security team on investigation, containment, and remediation of incidents. The ideal candidate brings experience in identifying network and endpoint intrusions with industry leading security technologies, experience in 21st century cyber defense techniques and demonstrates comfort working with global technology teams and regulatory frameworks. The analyst will also review and provide guidance to IT Operations teams around security best practices, compliance with Stantec's regulatory and contractual frameworks, and act as an advocate for company policies.
Your Key Responsibilities
- Perform operational reviews of IT security systems and monitoring of key consoles for alerts and follows up on alerts, conferring with other IT Security team members and IT Security Operations manager as necessary
- Initiates and participates in the investigation of alleged security breaches by helping to determine root cause, impact, remediation, and, if necessary, assisting with disciplinary actions and legal or criminal matters associated with such incidents
- Respond to questions and suspected incidents through Stantec's IT ticketing systems
- Reviews current IT security trends to make recommendations for Stantec’s IT security strategy
- Monitors public and private channels for adversary trends or vulnerabilities and makes recommendations or adjustments to IT security systems to ensure operational effectiveness
- Assists IT Security administrators in management and operational configuration of IT Security systems and controls
- Ensuring that all security incidents and near misses are reported per Stantec’s Security Incident Response Plan [ITSIRP]
- Act as advocates in support of Security Awareness and work with Stantec’s end-user community to promote good security practices.
Your Capabilities and Credentials
- Basic understanding of computer security concepts including Identity & Access Management, Network Security, Application Security, and Incident Management
- A solid understanding of networking concepts and protocols (such as DNS, SMTP, FTP, SSL, etc.)
- Demonstrated knowledge and understanding of information technology industry trends and emerging technologies and an ability to relate them to the company and its objectives
- Strong written and verbal communication skills. Demonstrates an outstanding “customer orientation” to service management
- Basic knowledge of tools and products used in day-to-day performance of job responsibilities (e.g., Azure Sentinel (SIEM), Azure O365 Defender, Azure Security Center, Azure Defender, Falcon CrowdStrike, Proof Point, Microsoft O365 Exchange (EOP), IBM SOAR (Resilient) Incident management etc.)
- Prefer familiarity with IT Security frameworks and relevant regulatory obligations (GDPR, SOX, NIST, ISO, HIPAA)
- Self-starter – Shows initiative, is solutions-focused and has the ability to work with minimal supervision
- Awareness of the challenges and benefits of working in geographically and culturally dispersed, global, virtual teams, and willingness to work cooperatively with others on such teams, which sometimes entails working outside normal business hours.
- Demonstrate diligence in documenting activities and actions taken during incidents and activities to ensure accountability of actions
- Promote innovation and continual process improvement
- Demonstrates knowledge and skill in a technical area, and the ability to tackle a problem by using a logical, systematic, sequential approaches
- Prefer certification related to Information Security
Education and Experience
- Bachelor’s degree or technical diploma in related field.
- 2 years of experience supporting IT security systems preferably in a large enterprise, and/or commensurate combination of education and experience.
This description is not a comprehensive listing of activities, duties or responsibilities that may be required of the employee and other duties, responsibilities and activities may be assigned or may be changed at any time with or without notice.
Stantec is a place where the best and brightest come to build on each other’s talents, do exciting work, and make an impact on the world around us. Join us and redefine your personal best.