Job Specifications
At CAAT, we’re passionate about what we do. And it shows!
Here, you’ll find a cultural spark in everything we do – from the way we partner with members and employers, to the way we work, collaborate, and grow. It doesn’t just feel different at CAAT. It is different. We’re one of the fastest-growing pensions in the country for a reason. We challenge the status quo, making a real impact on the hundreds of employers we serve – from education institutions to major corporations and household brands. And we’re just getting started. Driven by core values and a shared purpose, we’re fierce champions for better retirement security, known for our can-do culture where everyone plays a role in bringing our vision to life. If this sounds like a fit, we’d love you to be a part of it.
About The Role
We are seeking a Senior Information Security Analyst who will be responsible for assisting with the implementation and monitoring of the CAAT’s security controls that protect the organization’s valuable assets, and data.
The role of Senior Security Analyst is a position within the Information and Cybersecurity Team reporting to the Manager Cybersecurity Architecture and Program Delivery. This role is key in the identification of risks and threats, protection of information and assets, detection and monitoring of events and anomalies, and response to and recovery from, cyber events. The successful candidate will also play a key role in the implementation of new security solutions, and maintenance of various security tools and technologies.
As The Newest Member Of Our Team, You’ll
Participate in planning for Cybersecurity roadmaps to drive technical operational standards and architecture elements of the cybersecurity program.
Provide technical support to the Manager Cybersecurity Architecture and Program Delivery, on cyber initiatives like Data Loss Prevention, Privileged Access Management, ISO 27001 Certification and external/internal cyber maturity assessments/audits.
Maintain up-to-date baselines for the secure configuration and operations of security tools and technologies including Firewall, IPS/IDS, Application Control, web filtering, Messaging Gateway, SIEM, DLP, IAM and Endpoint Protection etc.
Work with other groups and technology stakeholders to support the design and implementation of security by design that enable the business to operate effectively and securely.
Lead cyber risk assessments and uncover security vulnerabilities and misconfigurations, track and monitor the remediation activities to closure.
Demonstrate expertise in the design of security architecture and support the implementation of security by design across all systems and products that house critical data.
Perform risk and control design assessments of infrastructure and systems as well as cloud-based solutions. Recommend remedial actions, and work with system owners and business partners to develop plans and timelines to address risks.
Demonstrate expertise in the design and execution of vulnerability assessments, penetration tests and security audits.
Implement on-going cyber risk reporting, monitoring key trends and tracking metrics to measure control effectiveness.
Help implement and enhance Threat Modelling capability with SDLC and application development efforts.
To Succeed, You Bring
A minimum of five (5) years of practical experience in various cybersecurity domains such cyber architecture, security operations, and technical risk assessments
Post-secondary diploma or degree in the field of computer science
A Relevant security certification such as CISSP, CCSP, Security+, CEH, CompTIA Security, etc.
Understanding of security standards and frameworks such as ISO27001, NIST and CIS, etc.
Strong knowledge of technical configurations from various operating systems and security solutions (Windows, Linux, VMware, IDS / IPS, DLP, SIEM, WAF, VPNs, encryption, etc.)
At least 4 years of demonstrated experience in security architecture for both applications and infrastructure.
Excellent problem-solving and analytical skills to identify and resolve security issues effectively.
Good understanding of cloud security concepts and experience securing cloud-based infrastructure is an asset.
Proven project management and organizational skills, specifically managing multiple, concurrent projects.
Excellent written and verbal communication coupled with an ability to work with minimal supervision.
Knowledge of cloud platform security, M365 security, application security, data security, end point and mobile security, infrastructure & network security including AI, ML and Robotics.
The target hiring salary for this position is $93,900.00 - $110,400.00. Placement within our salary range will be based on factors such as internal equity, market conditions, and the candidate’s experience, skills, and qualifications relevant to the role.
At CAAT, we believe innovation, passion, and purpose are ingredients for a great work environment. We’re incredibly proud of our pe