New Job Security Analyst In Saskatchewan

The Information Security Analyst is responsible for day-to-day operations to ensure compliance with Government of Saskatchewan (GoS) information security policies, standards, and guidelines along with legal and legislative requirements. This role is accomplished by the implementation of new security solutions, monitoring the networks for security issues, identifying and mitigating security threats and vulnerabilities, installing security software, and resolving any security issues or breaches.

Security Analysts play a key role in all investigations pertaining to employee access, assets, and the use of company assets. The Analyst ensures all stakeholders are aware that there is the proper authority to proceed and that those are involved are on a need-to-know basis.

This role will facilitate Information Security Risk Management (Identification & Analysis of Information Security Risks) across GoS. This role will be key in the identification of information security risks, cataloging and analyzing them. This role will be responsible for administering security tools such as Email Security, IPS, Web inspection, SIEM, Endpoint Security tools, PKI tools etc. This role will be responsible for investigating Security Incidents across the organization.

Responsibilities:

• Facilitate Information Security Risk Management (Identification, Assessment & Treatment of Risk) across GoS;
• Manage risk assessment methodology – will be responsible for gaining approval of methodology and ensuring consistency in approach across GoS;
• Manage the Information Security Risk Register – ensuring these are kept up to date and risk treatment plans are kept on track;
• Conduct all investigations pertaining to employee access, assets, and use of company assets;
• Monitor intrusion detection and prevention systems, taking proactive and appropriate action when required;
• Ensure GoS security policies are enforced and followed;
• Participate in security reviews of new services to ensure that end products meet operational security requirements;
• Provide security expertise as required;
• Perform detailed security analysis of applications, services, servers, workstations and processes to monitor for vulnerabilities and compliance variance;
• Identify, document and report risks and follow up with appropriate resources to remediate those risks;
• Support, operate and maintain security-related appliances, software and processes; and
• Periodically monitor the information assets for viruses, breaches and policy violation and take appropriate action to mitigate the issues.