IT Security Analyst

The Role

Lakeside Software is seeking a skilled IT Security Analyst to help fortify our defenses and ensure the integrity, confidentiality and availability of our Azure cloud services and information systems. This role requires a proactive individual with a keen eye for detail, a thorough understanding of current cybersecurity threats and the ability to communicate with stakeholders at all levels.  This individual will be part of a dynamic and innovative team dedicated to protecting our assets.  

What You'll Do

The core functions of this role include:

• Conducting comprehensive security assessments to identify potential vulnerabilities in our Azure systems, networks, and applications
• Utilizing industry-standard tools and methodologies to perform assessments and identify security gaps
• Executing regular vulnerability scans to uncover security weaknesses and ensure compliance with security policies, and regulations
• Analyzing scan results, prioritizing vulnerabilities based on risk, and recommending corrective actions 
• Monitoring and reviewing Indicators of Compromise (IOC) to detect and respond to potential security incidents
• Analyzing threat intelligence and performing investigations to prevent or mitigate security breaches
• Collaborating with internal teams and external partners to contain and resolve security threats promptly
• Training users and promoting security awareness to ensure corporate security 
• Contributing to the development and enhancement of security policies, procedures, and controls to strengthen our overall security posture
• Performing special projects as required 

What You'll Bring to Lakeside

The key requirements for this role include:

• Bachelor’s degree or equivalent experience in computer science or related field 
• At least one CISSP/CISA/SSCP/CASP /GCIH/Security or other InfoSec related certificate 
• 2 years in information security 
• Superb technical documentation skills 
• Experience operating vulnerability scanning software such as Tenable Nessus, Rapid7, or equivalent 
• Strong knowledge of cybersecurity frameworks and standards such as SOC II, ISO27001, CIS and DISA/STIG
• Knowledge of information security systems and security features of Microsoft Windows Systems, Linux and Mac
• Experience managing Active Directory, Group Policy, Anti-malware software 
• ITIL, NIST best practices 
• Experience with threat detection and incident response, including analyzing and responding to IOC
• Experience with configuring and operating a SIEM, WAF, EDR and SASE Incident lead 

Additional Details

• Location: Remote in Canada
• Hours: Full time; Some off-hours / on-call may be required