Security Analyst - Vulnerability Management and Offensive Security

3 days ago

Apply Now

Receive Emails with Similar Jobs

TELUS

WebsiteLinkedInAll Job Openings

TELUS is a Canadian telecommunications company providing a wide range of products and services to customers throughout Canada. Their offerings include mobility services with a selection of phones, plans, and data options, high-speed internet services through PureFibre, and bundled options with TV entertainment through Optik TV. They also offer smart home security solutions, healthcare services through TELUS Health, and community support initiatives. TELUS is known for its efforts in social impact and sustainability, and they operate in several Canadian provinces and territories, with a focus on delivering customer-centric service and technological innovation.

National telecommunications company in Canada

10,000+ employees

Founded 1990

📡 Telecommunications

⚕️ Healthcare Insurance

🔐 Security

📋 Description

• Your goal in this position is to proactively protect our organization's information systems and applications by minimizing security risks before they can be exploited. • Your primary objective is to reduce the organization's attack surface by identifying, assessing, and driving the remediation of vulnerabilities before they can be weaponized by threat actors. • Through comprehensive risk assessment initiatives, continuous monitoring, and supporting our penetration testing program, you aim to strengthen our organization's security posture, ensure business continuity, and minimize the likelihood of security breaches, ultimately serving as the first line of defense in maintaining the organization's cyber resilience from both an offensive and defensive perspective. • As an experienced security professional with strong collaboration and communication skills, your core focus will be on vulnerability management and supporting our offensive security program. • Additional SecOps support may also be required from time to time. • You’ll interface with all security teams including security architecture, offensive security, cloud platforms and DevSecOps.

🎯 Requirements

• Previous working experience as a Security Analyst (offensive and defensive) for minimum 3 years • BA in IT specializing in Cybersecurity, IT or Computer Science • Advanced knowledge of security controls implementation. • Advanced knowledge of vulnerability management including remediation of CVE’s, and executing proactive threat hunting. • Advanced writing skills (Technical and non-technical). • Practical Cloud security experience with appropriate certification spanning (Azure, AWS, GCP) • Experience with Vulnerability Scanning tools such as Nessus, Burp Suite, and Tenable • Experience with ASM • Knowledge and practical experience any of the following OWASP top 10, OWASP Web application Security Testing Guide (WSTG), OWASP (Mobile) Application Security Verification Standard (MASVS/ASVS), BSIMM, and OpenSAMM • Experience working on enterprise Cloud services deployments (SaaS, PaaS, IaaS) and understand security challenges involved in Cloud migration, adoption and operation • Knowledge of application security, software development with security concepts and integration into the development pipelines. • Experience across SCA, SAST, DAST, and IAST • Experience with application security capabilities including Web Application Firewalls, DDoS mitigation, Bot prevention, and associated threat management controls • Knowledge of security and industry standards (e.g., ISO, NIST, ITIL, etc) • Advanced knowledge of application development processes and at least one programming or scripting language (e.g., Java, Scala, C#, Ruby, Perl, Python, PowerShell) • Experience with Cloud based security tools (CSPM, CWPP) • Solid analytical skills • Solid understanding of firewalls, IDS, PKI, and cryptography • Basic understanding of CI/CD pipelines • Enjoy team collaboration and information sharing • Superior collaboration skills to easily translate technical jargon into business language • Applicable knowledge of Windows client/server, Unix/Linux systems, Mac OS X