IT Security Analyst

Stantec
9 hours ago
Full-time
Remote
Canada
Description

Your Opportunity

As a Security Analyst, you will help monitor Stantec’s systems for signs of intrusion and work closely with the IT Security team to investigate, contain, and remediate security incidents. The ideal candidate understands network and endpoint intrusion detection, is familiar with industry‑leading security technologies, and has exposure to modern cyber defense techniques. Comfort collaborating with global technology teams and working within regulatory frameworks is essential.

Your Key Responsibilities

  • Perform operational reviews of IT security systems and monitor key consoles (Microsoft Exchange Online Protection (EOP), Microsoft Sentinel, Microsoft 365 Defender, Microsoft Azure, Abnormal AI Security, Proofpoint TRAP, IBM QRadar (SOAR), CrowdStrike Falcon) for alerts, and follow up on alerts, conferring with other IT Security Analysts and the IT Security Operations Leads manager as necessary.
  • May participate in the investigation of alleged security breaches to help determine root cause, impact, and remediation.
  • Respond to incidents reported by users through Stantec's IT ticketing systems.
  • Assist IT Security administrators in the management and operational configuration of IT Security systems and controls when assigned.
  • Learn to document all security incidents and near misses reported in our incident response system (IBM QRadar (SOAR)).
  • Other duties as assigned.


Qualifications

Your Capabilities and Credentials

  • Basic understanding of computer security concepts including Identity & Access Management, Network Security, Application Security, and Incident Management
  • Basic understanding of networking concepts and protocols (such as DNS, SMTP, FTP, SSL, etc.)
  • Strong written and verbal communication skills. 
  • Demonstrates an outstanding “customer orientation” personality towards service management
  • Capable of learning our tools, consoles and applications used in day-to-day performance of job responsibilities (e.g. Microsoft Exchange Online Protection (EOP), Microsoft Sentinel, Microsoft 365 Defender, Microsoft Azure, Abnormal Security, Proofpoint TRAP, IBM QRadar (SOAR), CrowdStrike Falcon) 
  • Self-starter – Shows initiative, is solutions-focused and shows the ability to work with minimal supervision.
  • Awareness of the challenges and benefits of working in geographically and culturally dispersed, global, virtual teams, and willingness to work cooperatively with others on such teams, which sometimes entails working outside normal business hours.
  • Demonstrate diligence in detailed documentation of activities and actions taken during incidents and activities to ensure accountability of actions.
  • Promote innovation and continual process improvement
  • Demonstrates knowledge and skill in a technical area, and the ability to tackle a problem by using logical, systematic, sequential approaches
  • Candidates who show current or past information and/or cybersecurity program-related activities are preferred.

Education and Experience

  • Education and/or experience in the following course areas is a plus:
  • CompTIA Security+ (entry level), CompTIA CySA+ (focused on cybersecurity analysis), Certified SOC Analyst (CSA), cybersecurity bootcamps