Security Analyst
Quarterhill Inc. - Charlotte, NC
Job Description

Overview

The Mid-Level Security Analyst is responsible for assessing, monitoring, and improving the organization's security posture, with a primary focus on incident detection, vulnerability management, response, and resolution across Quarterhill's Roadside, Back Office, and Safety divisions.

This role involves conducting vulnerability assessments, correlating security events, and guiding the organization's incident response efforts to prevent security breaches. In addition, this position will collaborate with cross-functional teams to enhance security awareness and integrate best practices across the enterprise. As a key contributor to the cybersecurity team, the Security Analyst works to ensure the organization is prepared for, and resilient against, evolving cyber threats.

Responsibilities

Incident Detection and Response
- Perform security event correlation using information from multiple sources to detect threats.
- Conduct cyber incident triage to assess scope, urgency, and impact.
- Respond, escalate, and resolve by enforcing security protocols and implementing solutions.
- Track cyber actions from initial detection through final resolution.
- Collaborate with internal IT teams and relevant stakeholders to develop and refine runbooks and escalation procedures.

Vulnerability Management
- Maintain and update an inventory of all in-scope systems and software, ensuring it remains accurate and up to date.
- Reconcile data from multiple sources (e.g., CMDBs, network scans, asset management systems) to ensure inventory completeness.
- Ensure all in-scope systems and software are routinely scanned by the appropriate vulnerability management tools.
- Analyze and prioritize vulnerability scan results; open tickets, provide technical remediation guidance, and track resolution efforts to closure.

Analysis and Reporting
- Conduct trend analysis and provide regular security performance reports.
- Operate with an awareness of applicable governance, risk, and compliance (GRC) regulations and policies.
- Utilize SIEM and other monitoring tools (e.g., Splunk, QRadar, Sentinel) to gather data for dashboards and executive summaries.

Policy Development and Training
- Assist with developing and refining security protocols, policies, and incident response plans.
- Assist in the development of employee training programs to enhance organizational cybersecurity awareness.

Post-Incident Analysis
- Assess and analyze damage to data and infrastructure.
- Provide post-incident reports to management, including root cause analysis and recommendations for prevention.

Qualifications

Basic Qualifications

Education and Experience
- Bachelor's degree in a computer-related field, cybersecurity, or equivalent experience (including military experience, such as communications or cyber-MOS).
- Minimum of 3+ years in a cybersecurity role.
- Experience with Windows and Linux operating systems and database security.

Certifications (Required)
- Security+ (CompTIA).

Preferred Certifications (Optional)
- CySA+ (CompTIA Cybersecurity Analyst).
- Additional relevant certifications (e.g., CEH, GSEC, GCIA) are a plus.

Skills and Knowledge
- Working knowledge of current commercial off-the-shelf (COTS) cybersecurity technologies and trends, including SIEM, EDR, and vulnerability management.
- Familiarity with cybersecurity operations center (SOC) environments.
- Knowledge of security principles, techniques, and incident response frameworks (e.g., NIST, MITRE ATT&CK).
- Strong analytical skills for identifying and mitigating threats.
- Ability to operate effectively in high-pressure environments with shifting priorities.
- Scripting or automation skills (e.g., Python, PowerShell) and experience with SIEM log queries are highly desirable.

Preferred Qualifications

Hands-On SOC or CSIRT Experience
- Experience working in a cybersecurity operations center (SOC) or computer security incident response team (CSIRT) environment.
- Familiarity with EDR, XDR, or threat-hunting tools.

Project and Time Management
- Ability to manage multiple tasks simultaneously, with effective prioritization and communication with senior management.
- Proven track record of delivering security improvements and initiatives on schedule.

Cybersecurity Engineering Familiarity
- Familiarity with tools and technologies used in cybersecurity; comfortable working with cloud platforms (AWS, Azure, GCP), container security, and DevSecOps practices.

Soft Skills
- Strong communication skills to articulate technical concepts to both technical and non-technical audiences.
- Team-oriented mindset, with a willingness to collaborate across departments to drive a culture of security.

Benefits

We offer a Total Rewards plan designed with you and your family's health and wellness in mind that includes:
- Paid days off (i.e. vacation, sick days, bereavement leave)
- Health and Dental plans
- Retirement plans
- Employee and Family Assistance Program (EFAP)
- Employee referral program

We welcome applicants from all backgrounds, regardless of race, color, religion, sex, veteran status, sexual orientation, gender identity, national origin, age, disability, or any other protected characteristics in accordance with applicable federal, state/provincial, and local laws. We're committed to creating a workplace where everyone feels valued and respected.

We appreciate all responses and will acknowledge only those being considered for an interview.

We respectfully request no calls or unsolicited resumes from Agencies.
Created: 2025-02-21