UPEI's Information Technology Systems & Services (ITSS) team is seeking applicants for an Information Security Analyst position that will be responsible for the security of IT infrastructure, software, and at UPEI. This position provides guidance and technical expertise in the following cybersecurity practices: security risk assessment; development and enforcement of security policies and protocols; analysis and monitoring of threats and vulnerabilities; incident management including investigations, forensic analysis; and long-term cybersecurity design and planning.What we offer:
Flexible work arrangements
Comprehensive Health and Dental
Post Retirement Benefits
Tuition Waivers
Health and Wellness on Campus available to staff
Professional Development Opportunities
RESPONISBILITIES:The incumbent is responsible for the implementation of UPEI's information security strategy by supporting cybersecurity operations, threat and vulnerability management, incident response, alerting and monitoring:Develops, enforces, and monitors cybersecurity policies and standardsEnsures UPEI systems and networks meet federal and provincial regulatory requirements;Participates in cybersecurity and data privacy investigations (enterprise and user levels);Works closely with UPEI's legal and privacy officers reporting information on breaches to federal and provincial institutions;Participates in Information security audits and run cybersecurity exercisesPerforms research, tests, installs, and controls security toolsMonitors networks and services seeking for detection of Information Technology threatsReports and analyze threats to prevent information attacksPerforms cybersecurity forensic investigations and participates in incident response plansParticipates in day-to-day cybersecurity activities such as penetration testing, vulnerabilities patching, etc.QUALIFICATIONS:Undergraduate degree in Computer Science, Information Systems, or a related field. Equivalent working experience will be consideredCertifications such as CISSP, Security+, or GSEC (GIAC Security Essentials); from ISACA, ISC2, or similar body is considered an assetInformation Technology recognized training (e.g., SANS, security vendor) would be an assetMinimum 5 years' experience in Information Technology with at least 3 years' experience working with security applications. Demonstrated knowledge of IT security principles, practices, technologies, and proceduresOperational experience with the following: SIEM (Security Event Monitoring), enterprise endpoint management, WAF (Web Application Firewalls), endpoint anti-malware, DLP (Data Loss Prevention), EDR (Endpoint Detection and Response systems), Intrusion Detection/Prevention systemsDemonstrated expertise in the following: Linux administration, Microsoft server administration, networking technologies, M365 security, Azure security, Active Directory/LDAP, Microsoft security and identity servicesDemonstrated understanding of the following: technical capability of security components, vulnerability assessment, authentication techniques, security attack pathologies, risk assessment procedures, IT auditing practicesUnderstanding of the cyber security risks associated with various technologies and ways to protectA working knowledge of various security technologies such as network and application firewalls, host intrusion and prevention and anti-virusExcellent IT skills, including a passion for cybersecurity, knowledge of computer networks, operating systems, software, hardware, and securityAbility to work as part of a team and to build strong relationships with staff and other relevant individualsExcellent written communication skills, technical report writing is an asset.Time-management and organizational skills to manage a variety of tasks, prioritize workload and meet deadlinesExcellent attention to detail, analytical skills, and an ability to analyze complex technical information to identify patterns and trendsTemperament and ability to communicate technical information to people with non-technical backgroundsTemperament and ability to work with people who are experiencing difficulty due to a cyber security incidentAbility to work under pressure, particularly when dealing with threats and at times of high demandApplication Instructions:Please submit electronically a cover letter, quoting the competition number, a resume and reference list to be received no later than the closing date via the link below.If you are unable to apply online, you can drop off your resume to the Human Resources Department, Kelley Building, University of Prince Edward Island, 550 University Avenue, Charlottetown, PEI C1A 4P3, Fax Number 902-894-2895.UPEI is committed to equity, diversity, inclusion, and reconciliation and believes in providing a positive learning and working environment where every person feels empowered to contribute. UPEI is committed to the principle of equity in employment and encourages applications from underrepresented groups including women, Indigenous peoples, visible minorities, persons with disabilities, persons of any sexual orientation or gender identity, and others with the skills and knowledge to productively engage with diverse communities. If you require accommodation in any part of the process, please direct your inquiries, in confidence, to our HR Officer, . Applications will not be accepted via email.Only those applicants who are invited to an interview will be acknowledged.Note that this site is not compatible with some mobile browsers (e.g. iPad, iPhone). Upon successful submission of your application, you will receive an auto-reply to your email address advising your application has been received. If you do not receive an email, please check your spam folder and/or try submitting your application via a different web browser (Google Chrome, Firefox, etc).
