Cloud Security Analyst
Athena Software is a leading global provider of SaaS Case Management and Client Information solutions for diverse health and social service organizations in 15 countries around the world. We are a passionate, customer-centric scale-up based in Waterloo, Ontario entering our 16th year of business on a trajectory to double in size and reach.
Building on years of steady success with a growing global client base, we are implementing an ambitious new sales and marketing strategy as a key driver of our company-wide strategic reorganization and focus.
Athena is seeking a highly motivated, collaborative, technically experienced and well-organized Cloud Security Analyst with the ability to understand various compliance requirements, effectively interpret and communicate the requirements to internal teams, and lead efforts to execute plans to meet the compliance requirements. The successful candidate will focus on both assessing risks and implementation of measures (policy, controls or technical safeguards) to mitigate those risks. Working knowledge of SOC2, HIPAA, ISO 2701is highly desirable along with a solid foundation of industry practices in a SaaS environment. Reporting to the CTO, you will be part of a cross functional group where your insight and hands on approach will round the team.
About the Job
- Identify and recommend best practices and standards to ensure the security across the cloud infrastructure and supporting domains.
- Preform assessments to identify gaps or improvements required to meet compliance requirements in an efficient operational means.
- Work with internal teams to develop and implement security and compliance projects;
- Research and document compliance requirements and mapping security controls on frameworks and other regulations.
- Perform security operation activities (e.g. vulnerability management, security monitoring, incident response, security testing etc.).
- Develop and maintain automation alerts, monitoring and verifying procedures with DevOps and Cloud Facilities to ensure the effectiveness of security controls are in place.
- Perform audit/testing on internal controls and work with stakeholders on remediation activities.
- Complies and assists with the development and enforcement of policies and procedures relating to information security in compliance with regulatory requirements and industry best practices.
- Responsible for the implementation of security policies to different information security components (firewall, servers, virtual devices, etc.).
- Prepares technical reports and documentation regarding systems security status and vulnerability analysis.
- Responsible for the review, recommendation and monitoring of technical, administrative and physical controls to address security threats on-premises and in cloud environments.
- Reviews security vulnerabilities and scans applications prior to production deployment.
Who You Are
- 5 years’ experience in IT with, desirably, a minimum of 3 years’ specific experience in Information Security, Compliance, Audit or Risk Management.
- Computer Science, Software Engineering, Computer Engineering degree or equivalent.
- Widely accepted security designations (CISSP, CISM or equivalent) are an asset.
- Solid understanding of information security standards and IT frameworks (NIST, CoBIT, ISF etc.).
- Experience with multiple international compliance requirements (HIPAA, HITRUST, FedRAMP, FERPA, PIPEDA, GDRP etc.).
- Experience with obtaining and retaining certifications (ISO27001, SOC2 etc.).
- Familiar with Information Security principles, and knowledge of IT processes (e.g. Change Management, Incident Management, Risk Management, Network and System Administration).
- Experience in multiple security domains (e.g. Access control, application and system development, operations security, network, BCP/DR, etc.).
- Excellent organization and communication skills.
- Comfortable working on multiple projects at once.
Does this sound like you? If so, please apply with Resume and Cover Letter to the link provided.
Athena Software provides employment accommodation during the recruitment process. Should you require any accommodation, please indicate this on your application and we will work with you to meet your accessibility needs. For any questions, suggestions or required documents regarding accessibility in a different format, please contact us at 866.806.6014 x312 and/or human.resources [AT] athenasoftware.net.