Support the day-to-day operations of the information security program.
Monitor multiple environments to detect, validate and respond to anomalous activity, security events, or unauthorized access of information assets.
Work to promptly resolve tickets related to information security, such as virus/malware infections on desktop, phishing, suspicious network traffic and vendor account reviews.
Conduct vulnerability scans and coordinating all vulnerability remediation from any source (e.g. SAST/DAST scans, network scans, pen tests, etc.).
Actively seek mitigation or closure in identified security risks and gaps.
Track security trends/events to provide information on monthly security reporting.
Utilize problem solving to find root cause in security incidents.
Work collaboratively with other Information Services teams to reach common resolutions and goals.
Provide technical support in the areas of vulnerability assessment, risk assessment, network security, product evaluation, incident management and security tool implementation.
Conduct security product evaluations, and recommend products, technologies and upgrades to improve Aecon’s security posture.
Liaise with security product and service vendors to provide day to day support and monitoring of all networks.
Work with internal Communications and Learning teams to provide security awareness and training materials for a wide range of audiences.
Provide management of regular phishing simulations including, but not limited to, selection of templates, launching of campaigns and providing reporting & enforcement of compliance.
Monitor, triage and respond to emails that have been reported by employees as suspicious and potential phishing attacks.
Provide monthly metrics related to these reported emails.
Support operational components of incident management, including detection, response, and reporting.
Provide 24/7 oversight to security operations related to monitoring and alerting of potential security incidents.

Requirements

A Bachelor’s degree in Information Systems, Information Security or related field.
1-2 years’ experience applying information security principles and practices in an enterprise environment, or 1-3 years of experience supporting information technology.
Knowledge of security technologies and tools such as SIEM, IPS, EDR, MDM, web content filters and email security gateways.
A good understanding of the business impact of security tools, technologies and policies.
Knowledge of Windows and Linux operating systems, and network protocols.
Working towards CISSP and/or Security+ certifications would be an asset.
Experience troubleshooting technical issues, with excellent analytical and problem-solving skills.
An ability to manage multiple tasks with minimal supervision.
Excellent reporting skills, with demonstrated ability to create reports.
Strong verbal, written and interpersonal communication skills.

Benefits

Ensure you and your family receive the services needed to support your mental, emotional, and physical well-being.
Aecon University and Leadership Programs to help build your career.
Equity, Diversity & Inclusion training.
Aecon Women in Trades and Aecon Diversity in Trades programs.
Employee Resource Groups (ERGs) for building inclusion into all aspects of culture.

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

vulnerability assessmentrisk assessmentnetwork securityincident managementsecurity tool implementationsecurity monitoringanomaly detectionmalware analysisphishing detectionsecurity reporting

Soft Skills

problem solvinganalytical skillscommunication skillsinterpersonal skillsreporting skillstime managementcollaborationattention to detailtask managementadaptability

Certifications

CISSPSecurity+