Security Analyst - fixed term - Varicent Toronto Bookmark Share Print 230 0 0

Listing Description

Varicent is the industry leader in developing Sales Performance Management (SPM) software, enabling businesses worldwide to Plan, Operate and Pay effectively to drive sales performance and growth.

A named Leader in the Gartner Magic Quadrant for Sales Performance Management seven times in a row, Varicent was founded in 2005 when we pioneered sales performance management software. Evolving quickly to become the fastest growing software company in North America according to Deloitte’s Fast 50™ in 2010, Varicent was acquired by IBM in 2012 and has since been re-founded as an independent global business serving mid-size and enterprise clients with our full suite of solutions to assist in smarter territory and quota planning, efficient lead to revenue operations, and the fastest and most flexible way to pay sellers accurately and on-time. We are looking for talented, driven people that can make an impact across our organization.


 

Our Information Security Team is looking for a Security Analyst to assist in designing, implementing, operating, and monitoring security solutions across Varicent’s products, Cloud, and corporate environments. We’re looking for someone who a good understanding of security tools and technologies and a passion for working with them to help appropriately identify malicious activity / threats, respond to incidents, analyze vulnerabilities while collaboratively working with stakeholders across the organization. 

In this role, you will work on vulnerability management activities and execute security operational and incident response procedures. The role provides exposure to numerous security tools and technologies while providing knowledge and continuous learning opportunities.

This high impact role will be responsible for supporting the security team on the Cloud Infrastructure, corporate and product security aspects of Varicent’s security program to appropriately mitigate risk for Varicent and its customers. 

Remote role
This is a fixed-term position starting in Feb 2023

What you will do:
  • Coordination, deployment, configuration, monitoring and maintaining a variety of security tools such as SIEM, EDR, DLP, WAF etc.
  • Document processes, architecture diagrams, flowcharts etc. as it relates to Security Monitoring. 
  • Support and help perform secure baseline, infrastructure, and application vulnerability scanning. 
  • Review and analysis of security alerts, findings generated from vulnerability analysis tools and work with stakeholders to mitigate vulnerabilities based on priorities.
  • Work independently to ensure vulnerability scans are executing reliably and timely.
  • Provide analysis of security risk data, including the completeness and accuracy of the test results.
  • Escalate high priority risk findings or zero-day vulnerabilities as appropriate.
  • Collaborate and assist the security team in the implementation of security solutions and any active projects as requested and by conducting testing. 
  • Conduct security event triage and investigations through our SIEM solution, DLP and EDR and other security solutions if required.
  • Apply a risk-based approach to requests and activities with an ability to conduct risk assessments and brief Varicent stakeholders on identified risks and mitigation strategies.
  • Develop and help maintain documentation as it relates to Incident Management, including Incident Response Playbooks. 
  • Act as first responder or escalation point, depending on incident severity, following Incident Response Playbooks. 
  • Determine/support investigation and root causes of incidents. 
  • Maintain hardening standards documentation based on security best practices (CIS, NIST, etc.). 
  • Recommend or implement changes as it relates to infrastructure security technologies (e.g., firewalls, WAF, IDS/IPS, EDR etc.), Identity & Access, security monitoring and alerting technologies etc.
  • Stay current on IT security trends and news.
  • Support the collection of security metrics and help prepare presentations for Varicent leadership team and clients.
  • Develop and maintain security standards/procedures documentation by monitoring of industry developments.
  • Research security enhancements and make recommendations to management.

  • What you will bring:
  • Bachelor's Degree / Diploma in Technology Management, Information Security, Computer Science or Computer Engineering or equivalent work experience
  • IT/Information Security experience.  
  • Information security certifications (e.g., CISSP, CISA, etc.) would be an asset but not mandatory
  • Experience working with public cloud service providers infrastructure such as AWS, IBM, GCP will be an asset.
  • Knowledge in securing operating systems, networks, systems, databases, and application architectures.
  • Knowledge of security tools and technologies such as SIEM, WAF, DLP, EDR, Infrastructure/Application vulnerability scanners and other security technologies.
  • Knowledge of security standards and frameworks (NIST CSF, ISO 27001/2, etc.) 
  • Endpoint and Mobile Device Management.
  • Strong written and verbal communication skills
  • Problem-solving skills, high energy and willingness to continually learn and improve.

  • Remote role
    This is a fixed-term position starting in Feb 2023

    Varicent is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. If you require accommodation at any time during the recruitment process please email accomodations@varicent.com

    Varicent is also committed to compliance with all fair employment practices regarding citizenship and immigration status. By applying for a position at Varicent and/or by using this portal, you declare and confirm that you have read and agree to our Job Applicant Privacy Notice and that the information provided by you as part of your application is true and complete and includes no misrepresentation or material omission of fact


    Listing Details

    • Citizenship: Not Provided
    • Incentives: Not Provided

     

    • Education: Not Provided
    • Travel: Not Provided
    • Telework: Not Provided



    About Us

    NinjaJobs is a community-run job platform developed by information security professionals. Our unique approach of focusing strictly on cybersecurity positions allows us to personalize the user experience.

    Our Contacts

    1765 Greensboro Station Pl.
    Suite 900
    Tysons Corner Va 22102

    (703) 594-7765