Purpose:As our Intermediate IT Security Analyst, you will work closely with the Cybersecurity team, provide day-to-day operational support, act as an internal SOC team member, and contribute to security-related projects as directed. We are looking for someone with 3 to 5 years of security experience - or equivalent infrastructure or network experience, preferably in an enterprise environment - who can own routine security operations with limited supervision while developing deeper expertise in detection, response, and threat mitigation.
Main Responsibilities & Activities:- Provide tier 1 & 2 day-to-day security operations support, monitoring alerts and logs and analyzing security events to assess criticality and priority.
- Participate in a 24x7x365 on-call rotation, one week at a time, responding promptly to incidents and system alerts.
- Perform vulnerability scans using vulnerability management platforms, and identify vulnerabilities and recommend mitigations.
- Work with SIEM technologies to ingest new data sources and manage logging for better visibility, including creating correlation and behavioral rules that materialize into detections and trigger automated responses to remediate incidents.
- Deploy Extended Detection and Response (XDR) sensors and configure platform policies, such as prevention and content update policies.
- Manage and monitor identity protection platforms, including performing access reviews and detecting and responding to identity-based threats.
- Review firewall rules and network segmentation to ensure they follow established standards.
- Enforce security policies, standards, and procedures and maintain compliance with industry standards and government regulations.
- Maintain hardware and software asset inventories.
- Maintain documentation, run reports, and track security tickets.
- Support the broader IT team with user support and system maintenance as needed.
Knowledge, Skills & Abilities:- A genuine interest in cybersecurity, a commitment to continuous learning, and a team-first attitude.
- 3 to 5 years of security experience, and equivalent infrastructure or network experience, preferably in an enterprise environment.
- Associate Diploma or Bachelor of Science degree in Computer Science or a related Information Technology program, or equivalent hands-on experience.
- Solid understanding of computer hardware, software, and networking concepts, including operating systems (Windows/Linux).
- Solid understanding of cloud computing.
- Experience with a scripting language such as Python or PowerShell.
- AI experience will be considered an asset.
- Self-starter with strong analytical and problem-solving abilities, able to take on responsibility, and work independently with minimal supervision.
- Strong troubleshooting, collaboration, documentation, and communication skills.
- A trustworthy individual, capable of safeguarding confidential information.
- Industry certifications such as CompTIA Security+ an asset; advanced certifications (e.g., SSCP, CISSP) a plus.
- Experience with SIEM, endpoint detection and response (XDR), identity protection, and vulnerability and exposure management platforms, plus ticketing and security ratings platforms.
- Experience with the Next-Gen SIEM, Endpoint Security, Identity security, and Vulnerability Management would be preferable.
- Oil and Gas industry experience a benefit.