Location: Canada, ON, WaterlooApply Now
The Principal Security Analyst is a member of the Information Protection Center team reporting to the Director of Security Operations. This role has responsibility for designing and planning logical and technical security architectures for our global security operations and services. Identifying integration and cybersecurity issues, opportunities for improvements, preparing business cases and cost estimates is required of this position. This role will also support and ensure security designs and architecture comply with requirements for FedRAMP, ISO, PCI, and other compliance requirements.
You are great at:
• Planning, designing, testing, and implementing security solutions for the monitoring and protection of company assets.
• Providing security architecture in the development, sustainment and improvement of security tools and services.
• Leading the security design of on premise and cloud infrastructure (Google Cloud (GCP), Amazon Web Services (AWS), Microsoft Azure, other).
• Reviewing existing architecture, identify design gaps, and recommending security enhancements.
• Analyzing requirements for security tools and technology (SIEM, Endpoint Protection, Vulnerability Management, DLP, other).
• Ensuring designs for security operations technology and tools meet compliance requirements for FedRAMP, PCI, ISO, and others.
• Providing security guidance to security teams on technical, procedural, and best practices for cloud-based solutions.
• Assessing the security architecture of acquired companies and providing recommended security integration plans as required for security operations.
• Providing a DevSecOps-style, approach for conducting testing and conveying control information, consistent with the NIST Risk Management Framework.
• Perform other duties and responsibilities, as necessary.
What it takes:
• BS in Computer Science, Cyber Security, Information Assurance, or Information Security preferred.
• 5+ years’ experience with architecting, designing, and implementing cybersecurity systems, solutions, and tools for on premise and cloud environments.
• 5+ years working with cloud based platforms (GCP, AWS, Azure, etc.) in an enterprise environment
• Expert knowledge of security controls and countermeasures (defense in depth) including practical experience implementing IT security processes solutions in on premise and cloud environments
• Experience with selecting, designing, and implementing security tools and capabilities for large, complex federal or commercial organizations.
• Knowledgeable of FedRAMP readiness to provide assessment of security operations capabilities to achieve FedRAMP accreditation.
• Technical skills with UTM, ATP, Vulnerability Management, DLP, DOS, IAM, security analytics, server operating systems in Cloud and on-premises environments
• Experience with containers and proficient with Kubernetes and Docker
• Experience with Linux or Windows environments and virtual platforms
• Strong understanding of compliance frameworks, like PCI, ISO 27001, NIST, etc.
• Strong Analytical skills and aptitude for change
• Strong written and presentation skills with the ability to communicate effectively with diverse technical and non-technical groups, spanning all organizational levels.
• Must be able to work in a fast paced and changing environment while handling multiple tasks, priorities, and directives. Capable of working under pressure.
• CISSP, CSSP, CISM, or other industry certifications preferred.
At OpenText we understand and value diversity in our employees and are proud to be an Equal Opportunity Employer. We hire the best talent regardless of sex, national origin, disability or race. If you require accommodation at any time during the recruitment process please email firstname.lastname@example.org.