Job description
IT Cybersecurity Analyst
The City of Richmond is committed to being the most appealing, livable, well-managed community in Canada, a goal that is only made possible by developing our most valuable asset – our people. This is a great opportunity to join our team and shape our community. The City of Richmond offers competitive pay programs, comprehensive benefits and attractive incentives. If you are looking to make a difference, and to share our vision “to be the most appealing, livable, and well-managed community in Canada”, then please apply.
Overview
The IT Cybersecurity Analyst will play a key role in leading the planning, design and implementation of technical and operational measures to protect the City, reducing the risk of compromise. This position requires strong experience investigating, analyzing and reporting sensitive outcomes to varied audiences, as this position will have access to IT infrastructure, applications and related system audit logs. It will also require demonstrated confidence, expertise, charisma and relationship-building skills, as this is a leadership position within the IT Department.
Examples of key responsibilities include, but are not limited to:
- Monitoring, reviewing and analyzing transactional and audit logs (firewall, intrusion detection, access management, antivirus etc.) and data collected by City systems or networks (e.g. SIEM, antivirus, IPS etc.), determining whether the results are indicators of harmful activity to the City and recommending remediation for potential vulnerabilities.
- Identifying, investigating, coordinating, communicating and documenting response to IT security breaches, antivirus and system vulnerability tests.
- Researching, testing, maintaining and optimizing IT security tools and appliances (e.g. SIEM, antivirus, vulnerability and penetration testing etc.) on a regular basis
- Planning, coordinating or implementing security measures, providing technical supervision and advice as required.
- Participating in system designs, architecture discussions, and reviews to increase the detection of system misuse to align with security best practices (PCI compliance, application and network security, user authentication, end user security etc.).
- Performing and documenting baseline and regular assessments of network and applications architecture to recommend and apply security best practices for system configuration
- Researching, developing, maintaining and publicizing IT security standards, related controls, processes and other documentation for the City's computing environment based on current security best practices.
- Providing technical mentorship and guidance to staff, sharing security knowledge and experience.
- Representing the City’s cybersecurity interests with external service providers.
- Evaluating IT policy compliance within the City, reporting infractions and recommending corrective actions and responses.
- Designing, delivering and promoting cybersecurity awareness and user education activities to educate and train City staff in cybersecurity best practices and risk avoidance to increase adoption of the City’s cybersecurity technologies and practices.
Knowledge, Skills & Abilities:
- Experience with security best practices (e.g. vulnerability assessments, incident response, security policy development, security governance, change management etc.)
- Good understanding of networking (TCP/IP, OSI model etc.), operating system fundamentals (e.g. Windows, Linux), and current security technologies (e.g. endpoint security, DLP, firewalls, IDS/IPS, Active Directory, MS Exchange etc.)
- General understanding of regulatory and compliance requirements related to privacy and data protection (e.g. PCI DSS, FOIPPA etc.)
- Good understanding of security frameworks and methodologies (e.g. NIST, PCI DSS, MITRE ATT&CK etc.)
- Strong ability to appropriately represent and consolidate differing technical viewpoints to diverse stakeholders and in making timely and prudent technical risk decisions to meet enterprise security standards and policies.
- Strong ability to effectively and appropriately communicate at all levels within the organization, both verbally and in written format.
- Good ability to interpret and translate business requirements into technical security requirements
- Strong ability to analyze and integrate data, recommendations, and corporate priorities to establish necessary security considerations to anticipate and respond to IT security issues.
- Demonstrated ability to think clearly, strategize and respond effectively in a fast-paced environment.
- Highly self-motivated, disciplined and able to work independently with minimal supervision.
- Demonstrated ability to engage and develop strong collaborative relationships with others on a one-on-one basis and in teams
- Demonstrated ability to problem-solve, providing effective solutions.
- Demonstrated ability to use sound judgement and conflict resolution practices when working with and communicating sensitive information to staff.
- Able to successfully clear a police information check (PIC).
Qualifications and Experience:
- Bachelor's degree in computer science, information technology or related field or an equivalent combination of education, training and experience.
- Minimum 3 years’ experience working with IT systems and cloud technologies
- Minimum 2 years’ experience in cybersecurity or related field.
- Minimum 2 years’ experience utilizing security testing tools and techniques (e.g. Tenable, Groundlabs, PuTTY, MobaXterm etc.).
- Minimum 2 years’ experience related to security frameworks (e.g. PCI DSS, GDPR, NIST 800-53, ISO 27001/9001 etc.), data privacy and FOIPPA.
- Minimum 1 year’s direct experience managing and configuring a SIEM, preferably QRadar.
- Minimum 1 year’s experience with scripting languages (e.g. SQL, PowerShell, Bash etc.) and in log parsing to extract data elements from raw log data
- Minimum 1 year experience developing and delivering cybersecurity awareness content and programs
- Familiarity with data analytic tools (e.g. Spotfire, PowerBI, or MS Excel)
- Familiarity with identity access management (IAM) standards and tools (e.g. Azure Active Directory)
- Familiarity with ITIL and familiarity with ITSM platforms.
- Preference will be given to applicants that currently have one or more of the following certifications:
  - Certified Information Systems Security Professional (CISSP)
  - Certified Information Security Manager (CISM)
  - Certified Information Systems Auditor (CISA)
  - Certified in Risk and Information Systems Control, Certified Ethical Hacker (CEH)
  - Global Information Assurance Certification (GIAC)
  - Project Management Professional (PMP)
  - Other IT certification (Cisco, CompTIA, Microsoft Certified, ITIL)
Working Conditions:
This position is eligible for the City's hybrid work policy.
About City of Richmond BC
CEO: Malcolm Brodie
Revenue: Unknown / Non-Applicable
Size: 201 to 500 Employees
Type: Government
Website: www.richmond.ca