Work In Tech

Find your next role at Canada's fastest-growing tech companies

Information Security Analyst

Doxim

Doxim

IT
Remote
Posted on Tuesday, May 21, 2024
Doxim is the customer communications and engagement technology leader serving financial and regulated industries. Our platform with its suite of integrated, SaaS software and document technology solutions helps clients digitize operations, improve efficiency, and modernize customer experience. With Doxim, clients can communicate reliably and effectively, improve cross-sell and upsell opportunities, and drive increased loyalty and wallet share through personalized omnichannel communications.

Job Description:
Security Analyst’s primary responsibility is to monitor all information security tools and systems for unusual and unauthorized activity, as well as Indicators of Compromise (IoC). These systems must also be maintained and managed. The hands-on control of security for an international company and management of Security systems.

Responsibilities:

Security Monitoring
  • Ensure that security principles are maintained and adhered to by all employees.
  • Monitor of all security tools for any security related incidents which might occur.
  • Identified incidents must be investigated and reported.
  • Providing content creation and tuning policies to ensure that Doxim is aware of and protected from known security vulnerabilities and threat actors.
  • Effectively manage reported system, application and device vulnerabilities and through remediation and maintenance in adherence with incident response procedures.
  • Communicate with various team for remediation.
Incident management and Response:
  • Raising and logging security Incidents as they occur.
  • Be able to be a part of an incident response team and triage.
  • Assess security incidents quickly and effectively and communicate a course of action to Regional Security SMEs.
  • Compile and maintain information security incident reports. Ensure that all incidents are recorded and tracked to meet audit and legal requirements.
  • Oversee and conduct root cause analysis to identify gaps and recommendations ultimately remediating risks to the organization.
Security Management and improvement:
  • Be involved in maintaining all the security governance documents, technical controls, and processes that are required to support the security strategy/solutions.
  • Develop and optimize processes to improve security threat identification and remediation.
  • Maintain an active understanding of industry practices for threat analytics and incident response.
  • Assist developers in secure coding best practices, risk mitigation techniques, and threat modeling.
  • Explain, present, demonstrate (when applicable) and document operational impact of a particular vulnerability, threat or risk.
  • Monitor and maintain approved baseline network topologies and configuration.
  • Be involved in vulnerability and penetration testing.
  • Compile vulnerability and penetration testing reports
  • Provide security, technical, configuration, and architecture support to Doxim representatives as required.
Day to day operational tasks as assigned.
  • Daily checks for any security events
  • Phishing analysis
  • DLP alerts review
  • Onboarding / Offboarding personal requests
Education:
  • BSC in IT security or equivalent industry qualifications/certifications.
Experience:
  • A minimum of two (2) years relevant work experience in the information security field.
  • Experience using vulnerability management tools, firewalls, intrusion detection systems, and responding to network/computer intrusions and supporting inquiries.
  • Knowledge of information systems security principles and methods, the requirements for certification and accreditation of systems testing and evaluation, and performance management methods.
  • Knowledge of test and assessment methods to evaluate security authentication technologies.
  • Knowledge of standards like PCI, ISO 27001, HiTrust, GDPR, Privacy Shield.
  • Expensive general IT knowledge.
  • Strong technical ability.
Experience in the following would be advantageous:
  • Ability to conduct information security risk assessments
  • Ability to create and execute security monitoring tool sets such as DLP, SIEM and Web Gateway, Cyber Protection.
  • Exposure to cyber security or SOC monitoring.
  • Stakeholder Management
  • Ability to support an information security strategy that supports business needs
  • Understanding of the NIST and ISO 27000 frameworks
  • Ability to travel
  • Microsoft Security best practices
  • Good understanding of risk and compliance
  • Understanding of business process analytics
  • Project Management skills
Other:
  • Due to the Global nature of the role and the different time zones, scheduled after-hours and weekend work might be required.
  • The employee is required to be on standby for urgent escalations at all times.

Doxim company encourages applications from all qualified individuals. Applicants with disabilities may notify us of any accommodations needed to support your participation in the recruitment process. We wish to thank all applicants for their interest and effort in applying. Please be aware that only candidates selected for interviews will be contacted for this position.
EOE/M/F/Disabled/Vets
Doxim is an equal opportunity employer and makes employment decisions without regard to race, gender, disability or protected veterans’ status.


#INDOX