Über
The
Junior Security Analyst
is responsible for assessing, monitoring, and improving the organization's security posture, with a primary focus on incident detection, vulnerability management, response, and resolution across Quarterhill's Roadside, Back Office, Safety divisions.
This role involves conducting vulnerability assessments, correlating security events, and guiding the organization's incident response efforts to prevent security breaches. In addition, this position will collaborate with cross-functional teams to enhance security awareness and integrate best practices across the enterprise. As a key contributor to the cybersecurity team, the Security Analyst works to ensure the organization is prepared for, and resilient against, evolving cyber threats.
Responsibilities
Incident Detection and Response
Perform security event correlation using information from multiple sources to detect threats. Conduct cyber incident triage to assess scope, urgency, and impact. Respond, escalate, and resolve by enforcing security protocols and implementing solutions. Track cyber actions from initial detection through final resolution. Collaborate with internal IT teams and relevant stakeholders to develop and refine runbooks and escalation procedures. Vulnerability Management
Maintain and update an inventory of all in-scope systems and software, ensuring it remains accurate and up to date. Reconcile data from multiple sources (e.g., CMDBs, network scans, asset management systems) to ensure inventory completeness. Ensure all in-scope systems and software are routinely scanned by the appropriate vulnerability management tools. Analyze and prioritize vulnerability scan results; open tickets, provide technical remediation guidance, and track resolution efforts to closure. Analysis and Reporting
Conduct trend analysis and provide regular security performance reports. Operate with an awareness of applicable governance, risk, and compliance (GRC) regulations and policies. Utilize SIEM and other monitoring tools (e.g., Splunk, QRadar, Sentinel) to gather data for dashboards and executive summaries. Policy Development and Training
Assist with the development and refining security protocols, policies, and incident response plans. Assist in the development of employee training programs to enhance organizational cybersecurity awareness. Post-Incident Analysis
Assess and analyze damage to data and infrastructure. Provide post-incident reports to management, including root cause analysis and recommendations for prevention. Qualifications
Education and Experience
Bachelor's degree in a computer-related field, cybersecurity, or equivalent experience (including military experience, such as communications or cyber-MOS). Minimum of 1+ year in a cybersecurity role. Experience with Windows and Linux operating systems and database security. Certifications (Required)
Security+ (CompTIA Preferred Certifications (Optional)
CYSA+ (CompTIA Cybersecurity Analyst). Additional relevant certifications (e.g., CEH, GSEC, GCIA) are a plus. Skills and Knowledge
Working knowledge of current commercial off-the-shelf (COTS) cybersecurity technologies and trends to include SIEM, EDR, and vulnerability management. Familiarity with cybersecurity operations center (SOC) environments. Knowledge of security principles, techniques, and incident response frameworks (e.g., NIST, MITRE ATT&CK). Strong analytical skills for identifying and mitigating threats. Ability to operate effectively in high-pressure environments with shifting priorities. Scripting or automation skills (e.g., Python, PowerShell) and experience with SIEM log queries are highly desirable. Preferred Qualifications
Hands-On SOC or CSIRT Experience
Experience working in a cybersecurity operations center (SOC) or computer security incident response team (CSIRT) environment. Familiarity with EDR, XDR, or threat-hunting tools. Project and Time Management
Ability to manage multiple tasks simultaneously, with effective prioritization and communication with senior management. Proven track record of delivering security improvements and initiatives on schedule. Cybersecurity Engineering Familiarity
Familiarity with tools and technologies used in cybersecurity engineering. Comfortable working with cloud platforms (AWS, Azure, GCP), container security, and DevSecOps practices. Soft Skills
Strong communication skills to articulate technical concepts to both technical and non-technical audiences. Team-oriented mindset, with a willingness to collaborate across departments to drive a culture of security. Benefits
We offer a Total Rewards plan designed with you and your family's health and wellness in mind that includes:
Paid days off (i.e. vacation, sick days, bereavement leave) Health and Dental plans Retirement plans Employee and Family Assistance Program (EFAP) Employee referral program Employee Stock Purchase Program (ESPP)
We welcome applicants from all backgrounds, regardless of race, color, religion, sex, veteran status, sexual orientation, gender identity, national origin, age, or disability or any other protected characteristics in accordance with applicable federal, state/provincial, and local laws. We're committed to creating a workplace where everyone feels valued and respected.
We appreciate all responses and will acknowledge only those being considered for an interview.
We respectfully request no calls or unsolicited resumes from Agencies.
Sprachkenntnisse
- English
Hinweis für Nutzer
Dieses Stellenangebot stammt von einer Partnerplattform von TieTalent. Klicken Sie auf „Jetzt Bewerben“, um Ihre Bewerbung direkt auf deren Website einzureichen.