Insurance Council of BC Hiring for Cybersecurity Analyst at Vancouver, BC Full Time

The Insurance Council of British Columbia is the regulatory organization that licenses and regulates the activities of over 45,000 life and general insurance agents, general insurance salespersons, insurance adjusters, and restricted travel insurance agents in British Columbia.

The Opportunity

The Cybersecurity Analyst (CSA) is responsible for assisting with securing the Insurance Council of BCs’ (ICOBC’s) various information systems. Reporting to the Manager, IT Infrastructure and Security, the CSA is tasked with providing technical expertise in all areas of network, system and application security. The CSA works closely with the managed security platform vendor(s) to ensure systems and networks are managed, emphasizing robust and effective security risk management controls. The CSA leads the annual cybersecurity assessments and penetration tests and researches and reports on emerging threats to ensure ICOBC takes a proactive risk mitigation approach. Responsibilities include reviewing computer networks, identifying potential vulnerabilities, and installing/monitoring necessary software to protect ICOBC and its networks and systems from unauthorized access and or data loss. The CSA must understand the company’s IT infrastructure in detail and monitor it to evaluate possible threats that could potentially breach the network. The CSA will work with ICOBC technologies to detect, analyze, and limit intrusions and security events. The CSA will play a critical role in the ICOBC cyber-incident response process. Ultimately, the CSA will defend ICOBC’s computer hardware, software and other systems from theft, loss and other cyberattacks.

Why Work for the Insurance Council?

Work with a great team of people in a rewarding career that makes a difference. We’re in a downtown location with plenty of amenities nearby. The Insurance Council has a friendly and collaborative environment with a team who’s committed to protecting the public.

We offer a comprehensive health and dental plan.

Work-life balance.

This position is mostly remote work enabled. The incumbent would be required to come into the office as needed.

Professional development.

Equitable employment opportunities.

We have established health and safety practices to limit exposure to COVID-19, including a vaccination requirement for all staff.

Who We’re Looking For

The ideal candidate will have corporate information technology or public sector setting. The incumbent must have excellent customer service and able to adapt to a dynamic, fast-paced environment. Strong project management skills, analytical skills and problem-solving skills are important to the succeed in this role.

Duties and Responsibilities

Proactively monitor the ICOBC technical environment to detect and implement steps to mitigate cyber-attacks before they occur

Perform network security monitoring and respond to cybersecurity incidents while following the ICOBC incident response process

Maintain records of security monitoring and incident response activities

Monitor and analyze Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), and Security Information and Event Management (SIEM)

Create, modify, and update IDS, IPS, and SIEM rules

Recognize potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information

Develop and execute response plans for investigating, containing and remediating cyber security incidents

Participate in response improvement initiatives (Technology Projects, Process Documentation, Tool Implementation, Automation Initiatives) to ensure an emphasis is placed on robust and effective security and risk management

Create and execute strategies to improve the reliability and security of IT systems

Develop and maintain security controls documentation

Maintain security tools, protocols, updating systems, firmware

Minimize security threats by examining infrastructure and devices, identifying security flaws, and using control analysis to follow up with a prompt solution

Maintain the integrity and confidentiality of a company’s data and information systems

Protect systems by defining access privileges, control structures, and resources

Design, support, document and monitor security systems and services

Install, update, and monitor security products on users’ mobile devices

Provide regular status reports demonstrating work accomplished to date and work remaining for the next period

Secure networks through firewalls, password protection, DDoS, IDS/IPS and other systems

Support and diagnose technical issues involving Firewalls, VPNs and other security systems

Provides technical Information Security subject matter expertise.

Stay abreast of industry technical and business trends through participation in professional associations, practice communities and individual learning.

Create and maintain Standard Operating Procedures

Other related work or accountabilities may be assigned as needed.

Qualifications

Degree in Computer Science or related degree or equivalent combination of work experience.

Minimum 3 years of experience in a similar capacity.

CISSP, CEH, OSCP, OSCE, GIAC GCIA, GSEC, Security+ or other security certifications is a plus.

Demonstrated work experience in managing corporate Managed Detection and Response tools, Network Infrastructure, Active Directory and other security solutions

Experience performing Incident Response using Endpoint Detection & Response tooling (Min of 3 years)

Experience in Azure cloud platform and MS 365 Defender, Security & Compliance (Min of 3 years)

Experience with providing technical support (Min of 3 years)

Experienced with developing, maintaining, and reviewing Cybersecurity packages (Min of 3 years).

Experience developing Cybersecurity Incident Response plan and reporting (Min of 3 years)

Familiarity with ISO 27001/27002, ITIL, MITRE-ATT&CK/NIST frameworks

Understanding and experience with penetration testing concepts and techniques

Experience participating in Information Security processes

Experience with multiple areas of systems and computer operations (e.g., Identity & Access Management, IT operations, Network Security)

Proficiency with any of the following: Anti-Virus, HIPS, IDS/IPS, Full Packet Capture, Host-Based Forensics, VPN, Network Forensics, and RSA Security

In-depth knowledge of enterprise SIEM platform architecture, engineering, and operations