Senior Endpoint Security Analyst - ANSYS Canada Ltd.

Overview

Position Summary: The Senior Endpoint Security Analyst will have the ability to learn and implement new technology, manage existing systems as well as the ability to work in both an individual and group environment. The candidate will serve as the technical senior in the endpoint management area in a globally distributed environment. This position requires a highly motivated individual who will enjoy working to improve security systems and awareness. Will work directly with all departments to implement procedures and systems for the protection, conservation and accountability of proprietary, personal or privileged electronic data.

Responsibilities

Essential Job Functions/Accountabilities: Knowledge & Experience Advanced knowledge of endpoint security concepts, best practices, and procedures Risk & vulnerability assessments Broad understanding of all aspects of IT and enterprise systems interoperability. Understanding of auditing principles and practices Experience in design, implementation and/or use in several of the following areas: Enterprise Anti-virus management Disk Encryption technologies Patch Management Security Incident Response Management Network Vulnerability Scanning Host-based IDS/IPS Data Loss Prevention Content Filtering Application Whitelisting Security Information and Event Management Network Access Control Strong working knowledge of Windows client/server, Unix/Linux systems and VMware Expert level troubleshooting skills at all layers of the OSI Model Advanced level understanding of Active Directory Leadership & Accountability Lead the development and maintenance the enterprise-wide IT security policies, standards, architectures, and procedures Lead information security awareness and training initiatives to educate staff about information risks Perform ongoing information risk and vulnerability assessments and audits to ensure that information systems are adequately protected. Lead an incident response team to contain, investigate, and prevent future computer security breaches Track root cause and remediation activities for information security issues, audit findings and observations Serve as a liaison between Internal Audit and IT management in seeking and communicating risk management best practices, as it applies to audit documentation and processes for IT. Responsibilities: The main goal for this role is to manage risk through appropriate endpoint management, evaluation, training and awareness. This role will: Lead & coordinate management of: Virus/malware scanning infrastructure Application Whitelist Encryption solutions Lead corporate Information systems security evaluations Source control CRM Financials Assist with security recommendations for Access control Network Access Controls VPN/Citrix/OIAM/NAC Authentication/Authorization/Attestation Physical Access Controls Lead & coordinate management of Patch Management cycle Microsoft Linux - Red Hat & Suse Browsers Adobe Others Lead & coordinate vulnerability & risk assessments Coordinate annual external, internal and IP security audits. Coordinate vulnerability scans on key applications. Coordinate external and internal vulnerability scans on newly acquired companies Validate patching program effectiveness Recommend remediation, process and configuration improvements Lead & coordinate Training Social Engineering Security awareness Lead Security Incident Response Team Setup and monitor alerts (Security Information and Event Management) Coordinate consistent response to security events Prepare status and incident reports Assemble "lessons learned" and make recommendations and changes as required

Experience and Qualifications

Minimum Requirements/Qualifications: Bachelor's degree in Computer Science or equivalent prior work experience in a related field 3 - 5 years experience in security management GCED Certified Enterprise Defender or related certification GSEC designation a plus CISSP designation a plus Other Job Requirements: Participate in IT Security Professional Organization that have a global presence. Strong technical skills (application and operating system hardening, vulnerability assessments, security audits, TCP/IP, intrusion detection systems, firewalls, VPN etc.) Outstanding interpersonal and communication skills Must possess a high degree of integrity and trust along with the ability to work independently Excellent documentation skills Ability to weigh business risks and enforce appropriate information security measures