CoLab Job Board

Security Analyst
St. John's or Remote, NL, Canada

Introduction

CoLab Software is a team of passionate and driven innovators and problem solvers who are setting the new standard for engineering collaboration. We take pride in our ability to continuously learn from each others’ unique skill sets and perspectives, and apply that knowledge to solve customer problems. Our rapid growth and continuing success mean we have an opening for an experienced Security Analyst.

Company

CoLab helps design and manufacturing teams to streamline their processes and resolve issues faster by enabling real-time collaboration, design reviews, and issue tracking with teams around the world. The world's fortune 500 companies are looking to us to help bring the future to life and 2021 is the year to make it happen.

Finding people passionate about solving meaningful problems is our top priority, and having the drive and hunger to figure things out is key. We have intentionally created a culture where we value kindness, respect, teamwork and improvement. CoLab is a place where you will be valued, rewarded, and have opportunities to grow in many ways. We value what you do and who you are. CoLab is a place where you can bring your whole self to work. Diversity and inclusion is extremely important to us and lived experience as a member of any marginalized community is considered an asset.

If you require any accommodation to participate in the recruitment and selection process, please advise at any point and we will work with you to meet your needs.

Position

We are looking for a Security Analyst to help build and shape the future of CoLab’s enterprise security program. In this role you will be critical in the decision making process, and play a key role in the design and implementation of core security solutions and practices to support CoLab’s security program. 

The ideal candidate possesses:

  • strong technical and analytical skills, providing accurate analysis of, and solutions to, security-related problems and challenges;
  • a high degree of tenacity, ingenuity, creativity, independence, flexibility, and aptitude;
  • a strong sense of ownership, team responsibility and team trust;
  • the ability to function in a fast-paced environment; and,
  • passion and enthusiasm.


Responsibilities:

As a Security Analyst at CoLab you will:

  • be an essential member of the CoLab team bringing your knowledge, passion and experience to contribute meaningfully to CoLab’s purpose in this hands-on role that requires a high degree of technical security expertise in a cloud ecosystem (AWS);
  • implement and manage cyber security solutions to monitor, detect and investigate unusual or suspicious activity, real time attacks and breaches, providing post-mortem analysis to identify the issue, root causes, possible solutions, and preventative measures;
  • identify, evaluate and communicate cyber security risks, including unresolved security exposures, misconfigurations, misuse of resources, and noncompliance situations, to both technical and non-technical leaders across the business and serve as subject matter expert on escalated incidents;
  • maintain a proficiency in current and emerging cyber threats and attacks, security vulnerabilities, and developments in relevant technologies;
  • provide expertise and support to ensure control activities are designed and implemented appropriately to protect the confidentiality, integrity and availability of business and customer data in compliance with organization policies and standards;
  • optimize existing security controls and solutions, and develop new strategies, processes, and best-practices, that contribute to continuously improving CoLab’s security program;
  • assist in preparing and presenting KPIs to management and stakeholders;
  • create and maintain documentation for security systems and procedures;
  • work with the security and development teams to prioritise and remediate findings from internal and external security testing of cloud based infrastructure, web and mobile applications;
  • assist in designing, building and maintaining corporate IT solutions and IT infrastructure; and,
  • assist in providing security mentorship and training on security awareness and secure business practices.

Required Skills

  • Strong knowledge of network architecture, security event monitoring, offensive and defensive techniques, vulnerability management and forensics, as well as intrusion techniques and practices.
  • Strong understanding of computer operating system principles, technologies and security (MacOS, Linux and Windows).
  • An in-depth understanding of cybersecurity issues, log management and analysis.
  • Hands-on experience with common security tools and products (e.g. IDS/IPS, NGFW, WAF, SIEM/Log management, vulnerability scanners, endpoint security, identity and access management).
  • Experience with the development, deployment, and automation of security solutions in an enterprise cloud based environment.
  • Proficiency in AWS CLI/API and shell scripting.
  • Knowledge of AWS architecture and services, AWS security services, automation strategies and tools.
  • Experience in cloud based Web Application Firewall and DDoS protection services.
  • Knowledge of network based, system level, and application layer attacks and mitigation methods.
  • An in-depth understanding of cybersecurity issues, log management and analysis.
  • Strong knowledge of technology and security topics including network and application security, infrastructure hardening, security baselines, web server, and database security.
  • Ability to clearly and effectively communicate concerns and issues to other teams.
  • Ability to effectively communicate to key stakeholders during a security incident.
  • Experience in developing, documenting, and maintaining security procedures.
  • Solid understanding of threat modelling, vulnerability management & incident mitigation.

Preferred but not required:

  • Experience with Infrastructure as Code as well as cloud configuration and compliance management solutions.
  • Knowledge and experience in software development, secure software development life cycle, secure code review and security testing (web application penetration testing).
  • Experience with SOC 2, Domestic and International Export Controls (CGP/ITAR), and Cybersecurity Maturity Model Certification (CMMC).
  • Industry recognized professional certification such as Security+, GSEC, GCIH, CISSP, AWS Certified Solutions Architect, AWS Certified Security - Specialty, or other relevant certifications would be a valuable asset.

Know someone who would be a perfect fit? Let them know!