Security Platform Analyst

The Security Platform Analyst is a key member of the Security Platform Support team who will operate and optimize various business processes and technology systems cross-functionally to align to the security technologies supporting the overall Informational Security program.   

They will participate in the support of the Sun Life Cyber Security program and continuous process improvements to increase operational effectiveness and maturity.  This includes working with the other security teams to ensure that the operations of the security portfolio are running smoothly and in an optimized manner in our production environment.  Candidates will work on tickets and problem management, security tool management, project contribution and acceptance of new technology into production while running the service effectively.   

The goal is to provide stellar service, having a continuous improvement mindset to help drive operational efficiencies and secure our environment. 

Preferred Skills: 

• This position requires a strong technical aptitude with the ability to meet client expectations.  

• Able to work independently and deliver expected outcomes, be focused on the end deliverable, and build trust with clients and peers.   

• Excellent time planning, communication, and collaboration skills. 

• Expertise in technology and security toolsets. 

• Technical skills in one or more security products and platforms: endpoints, crypto, email, cloud, perimeter, application, web proxy management, EDR products, SIEM. 

• Good knowledge of automation and scripting methodologies for process improvements and technology integrations. 

• Good knowledge in managing security systems and tools in a Unix and Windows environment. 

• Strong Microsoft Excel skills & utilizing it to manage large datasets and present usable data. 

• Experience with System or Network Monitoring solutions for platform health, alerting and capacity management. 

• Experience with ServiceNow or similar ITSMs for CMDB, Incident, Change Management, etc. 

Responsibilities:  

• Ensure the Cyber Security capabilities and protection mechanisms are running well. 

• Document, update and maintain cyber security playbooks, policies and knowledge base articles used to support the established Incident Management and CSIRT processes.  

• Provide technical skills and as Subject Matter Expert in various security technologies. 

• Collaborate with other security platform, operations, and investigation teams to ensure the service meets the end requirements. 

• Communicate operational issues, status, and escalations. 

• Continuously verify that the appropriate controls are in place to protect the organization against cyber security risks. 

• Asset management and reporting on software and hardware currency 

• Disaster Recovery program coordination and execution for security tools 

• Monitoring & Alert Maintenance to ensure clear visibility to impacting and trending issues with security tools. 

• Be involved in many continuous improvement projects that will span multiple security technologies and capabilities, such as configuration drift, logging standardization and automated validations of systems 

• Executive reporting on areas such as tool license management and coverage 

• Continuously improve internal processes with an automation mindset. 

• Participate in a 24x7x365 On-Call rotation for Security Operations tools and technologies. 

Qualifications: 

• University degree/college diploma in related discipline(s) or equivalent work experience, and/or 2+ years in security IT industry experience 

• Professional designation in IT security (such as CISM, CISSP, CISA) preferred. 

• Familiar with Cyber Security frameworks (NIST, MITRE) and security tools and services. 

• Work experience in Financial Industry preferred