- Implement and administer IT security policies and procedures
- Ensure the integrity, confidentiality, and availability of critical data resources and automated system components
- Administer and configure the Enterprise Management suite of tools
- Manage IT vulnerability management services by analyzing, prioritizing, and conducting vulnerability assessments and penetration testing
- Provide regular and on-going security assessments of IT systems and networks, including the maintenance of its policies and procedures
- Develop and maintain Security Configuration Benchmarks (SCB) or Security Technical Implementation Guides (STIGS) used in applications, databases, systems, and networks
- Work with clients to ensure compliance to security policies and IT security hardening frameworks
- Assist the Security Operations Center (SOC) to address detected security concerns and escalations
- University degree and three (3) years of relevant experience OR Technologist diploma or professional technologist equivalency designation and four (4) years of relevant experience
- *Fields of study: Computer science, electrical, electronics, network security, telecommunications, or engineering
- The educational program must be from an accredited learning institution recognized in Canada.
- Experience in IT security including investigating security incidents and implementing associated corrective action
- A minimum of one (1) year of Vulnerability Management Services performing vulnerability assessments and/or penetration testing.
- Recent and significant experience in penetration testing using products such as, but not limited to Kali/Backtrack, Metasploit, NExpose, Nikto, SQLmap, and Veil-Framwork, and the customization of its scripts, exploits, and payloads.
- Recent experience implementing and customizing technical security controls in recognized hardening frameworks such as, but not limited to CIS – Security Configuration Benchmarks and/or NIST – Security Technical Implementation Guides.
- Recent and significant experience in running Vulnerability Management assessments using various tools and following industry standard practices.
- Recent experience analyzing, designing, and/or implementing security controls in business applications and infrastructure systems in both Linux and Windows environments.
- Experience in network security skills such as packet, vulnerability and exploit analysis.
Assets but not Mandatory:
- Offensive Security Certified Professional/ Certified Expert (OSCP/OSCE; OffSec)
- Global Information Assurance Certified Penetration Tester (GPEN; GIAC)
- Certified Penetration Testing Consultant/Engineer (CPTC/CPTE; EC-Council)
- Certified Penetration Tester/Certified Expert Penetration Tester (CPT/CEPT; IACRB)
- Must be eligible for Enhanced/Secret Clearance
COMPENSATION: To Be Determined
CONTACT: Sebastian Sarault at email@example.com
ABOUT THE AIM GROUP:
The AIM Group Inc., a Canadian company founded in 1988, is a national supplier of professionals in the IM/IT, Engineering & Technical, and Professional Services. The cornerstones of our service-delivery approach are integrity and fairness.
The AIM Group Inc. is an equal opportunity employer committed to diversity and inclusion. We are pleased to consider all qualified applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, protected veterans status, Aboriginal/Native American status or any other legally-protected factors.
The AIM Group would like to thank all applicants for their interest. Only qualified candidates will be contacted, and resumes will be kept on file for future consideration. Resumes will not be submitted to other parties without consent.
To apply for this job email your details to firstname.lastname@example.org.