McCarthy Tétrault

Senior Security Analyst

McCarthy Tétrault

full-time

Posted on:

Location Type: Hybrid

Location: TorontoCanada

Visit company website

Explore more

AI Apply
Apply

Job Level

Senior

Tech Stack

AWSAzureCloudGoogle Cloud Platform

About the role

  • Working with IT/ Security stakeholders during investigations and incident response activities.
  • Working with internal stakeholders to lead a strong vulnerability and patch management program.
  • Liaising with clients on external audit and compliance requests.
  • Leading security risk assessments against internal and external clients and technologies, as required.
  • Supporting IT and Business projects as the Security SME and conducting project risk assessments where necessary.
  • Contributing to the identification and evaluation of information security threats through internal technology and process reviews of existing security controls.
  • Participating in the periodic review of the firewall rule-set and regular reviews of identity access management.
  • Developing and executing penetration testing process, as well as follow up remediation activities.
  • Maintaining awareness of current and emerging threats and staying abreast of current and developing technologies, risks, and security best practices.
  • Developing and coordinating the Department’s Security Awareness Training program.

Requirements

  • University degree or equivalent in Information Technology or Information Security.
  • Minimum of 7 years of relevant work experience, including a minimum of 5 years of hands-on experience as a Security Administrator, Support Desk Consultant or similar IT roles involving frequent customer contact.
  • Minimum of 3 years of experience with an EDR solution such as Crowdstrike/ Defender / SentinelOne.
  • Minimum of 3 years of experience with cloud security technologies within AWS/ GCP/ Azure.
  • Experience with ISO 27001/27002 and/or Top 20 Critical Controls required.
  • Experience with information security risk assessment methodologies required.
  • CISSP or CISM certification preferred.
  • GCIH or GCFA certifications a strong asset.
  • Strong written and verbal communication skills.
  • Strong written and verbal communication skills; interpersonal and collaborative skills; and the ability to communicate security and risk-related concepts to technical and non-technical audiences.
  • A critical thinker with strong problem-solving skills.
  • Knowledge of technological trends and developments in the area of information security and risk management.
  • High level of personal integrity, and the ability to professionally handle confidential matters and exude the appropriate level of judgment and maturity.
  • Strong organizational skills, with a high attention to detail.
  • Bilingualism (French, English) would be an asset.
Benefits
  • Outstanding benefits from day one, including insurance premiums paid by the Firm and wellness and technology reimbursements.
  • Competitive compensation, paid overtime and generous time off, including a day off to volunteer and a day off for your birthday.
  • A commitment to professional development and growth opportunities for our people at all levels, supported by a culture that fully embraces and encourages two-way feedback.
  • Strong community involvement and a commitment to equity, diversity and inclusion.
  • A collaborative, cohesive culture that connects lawyers and business teams through collective purpose.
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
vulnerability managementpatch managementpenetration testinginformation security risk assessmentEDR solutionscloud securityISO 27001ISO 27002security controlsidentity access management
Soft Skills
communication skillsinterpersonal skillscollaborative skillsproblem-solving skillsorganizational skillsattention to detailcritical thinkingintegrityjudgmentmaturity
Certifications
CISSPCISMGCIHGCFA