Job Position: Security Analyst
Company: Amsted Rail
Location: Charlottetown, PE
Security Analyst Job Details:
Amsted Canada is not only a leader in the manufacture of industrial components, we are a company where you are the driver of your own career. At Amsted, we know that our employees are at the heart of our world-class business and we value you and want you to excel with us. We spend time understanding where you want your career to go and help you get there by offering the support and resources that will allow you to grow with us. At Amsted, we also encourage a spirit of Innovation by allowing time and space to experiment, to think differently and to challenge the status quo. If this is the type of environment where you believe you will thrive, we encourage you to join us.
Operating under the Amsted Industries umbrella since 1962, today we are meeting the growing needs of a global market with over 80 facilities across six continents.
Amsted Canada has established a new Business Center in downtown Charlottetown, Prince Edward Island. We are elevating our Global Technology teams in several areas including but not limited to Security, Development, Infrastructure, Emerging Technology, and SAP. We are also expanding our Shared Services Support (HR, Payroll, AP/AR, and Finance) in PEI. These teams are instrumental in providing support to all Amsted affiliate locations worldwide.
The Security Analyst will be working as part of our Security Operations Center (SOC) team to provide services for all Amsted Entities. Core duties include monitoring, triage and incident response for Endpoint Protection, Identity, Email Threats, and SIEM alerts. The successful candidate will also be well versed in Vulnerability Management, Security Education, and Proactive Threat Hunting. The Security Operator communicates with IT teams, management and as needed with employees directly to work through alerts and indications of compromise. He/she is an escalation point from our Managed Detection vendor and escalates issues to the regional IT teams if unable to fully resolve. This role will have a set 40hr/wk schedule but will require some flexibility including 10hr shifts and one day on the weekend, no night shifts. The Security Analyst will be part of a team on-call rotation once trained, being available by phone for high priority escalations one week in every six.
- Monitor various security systems currently in place. Those systems include endpoint protection, mail protection, SIEM, web content inspection, IPS, identity behavior, etc.
- React to security anomalies detected in the systems as well as those mentioned or reported directly from users/colleagues.
- Execute action plans based on process documents, committing to maintain and develop new documentation as necessary.
- Assist with Vulnerability scanning, reporting, business liaison and system patching.
- Participate in proactive threat hunting.
- React to e-mails that were flagged as possible phishing or containing malware: analyze and communicate with employees.
- Create Phishing Campaigns and provide Security Awareness training.
- Participate in vendor selection due diligence and proofs of concept.
- Stay ahead of global trends in security, ongoing attacks, and security advisories.
- Associate's degree in Information Technology or equivalent coursework/experience in IT Infrastructure and/or Information Security field.
- A keen understanding of fundamental computing concepts (I/O and Storage devices, memory management, program, process, and thread execution, etc.)
- A strong understanding of and/or experience with Networking in a corporate environment.
- Knowledge of Email servers, mail transfer principles, threat protection, message analysis and common email-based attacks.
- Experience with Server and PC Administration for common OS types (Windows and *NIX)
- Experience with security incident investigation/response and threat hunting.
- Strong understanding of Active Directory configurations, underlying authentication protocols, Group Policy, etc.
- Working knowledge of common cloud infrastructure and identity platforms.
- Experience with common scripting and programming languages.
- Previous working experience in a SOC or SysAdmin role is a plus.
- Experience with preparation, implementation, or maintenance of Cyber Security compliance frameworks.
- Excellent communication skills. Ability to convey technical issues to non-technical staff clearly and concisely.
- Ability to follow workflow runbooks, write concise documentation and teach others.
- Intrinsic interest in the Info/Cyber Security field that drives you to stay current in this constantly shifting landscape.
- Dedicated, collaborative work ethic as part of a global team.
- Strong desire to learn.
Compensation & Benefits
- Excellent base salary and targeted annual bonus structure
- Comprehensive employee benefits package including medical, dental, life and disability insurance, salary continuation, and a health spending account
- Hybrid Workplace
- Company pension program
- Fitness reimbursement credit
Amsted offers employees the stability of an established industry leader, along with the chance to learn, grow, advance and make a difference. As a private company and 100% employee-owned, we are all stakeholders in this business and all have a common goal to make this company not only a profitable company, but also a place to grow our careers. We strive to be a place that people are attracted to, and go steps beyond to make sure our employees are happy on the job – and away from it. For more information, please visit our website at www.amsted.com to find out more about what makes our workplace special.
Equal Opportunity Employer – Minorities/Women/Veterans/Disabled/LGBT