Senior Analyst, Infrastructure Cybersecurity (9329)
Job Type
Full Time
April 12, 2024 1:12PM
Toronto, Ontario
The Toronto Transit Commission (TTC) is North America's third largest transit system and has been recognized as one of the top places to work in the GTA. Guided by a forward-thinking strategic plan, the TTC's vision is to be a transit system that makes Toronto proud. The TTC's recruitment efforts are directly aligned to its mission of providing "a reliable, efficient, and integrated bus, streetcar and subway system that draws its high standards of customer care from our rich traditions of safety, service and courtesy."


About the job


Requisition ID: 9329

Number of Vacancies: 1

Department: Information Technology Services (20000014) - Information Security Office (30000033)

Salary Information: $101,719.80 - $127,218.00

Pay Scale Group: 10SA

Employment Type: Regular

Weekly Hours: 35 Off Days: Saturday and Sunday Shift:

Posted On: April 8, 2024

Last Day to Apply: April 21, 2024

Reports to: Director, Infrastructure Cybersecurity

Career Opportunity

A great opportunity within the Information Technology Services to work on Cybersecurity Initiatives.

What You Will Do

Reporting to the Director, Infrastructure Security, the Senior Analyst Cybersecurity Infrastructure provides expertise for cybersecurity infrastructure throughout the enterprise, this includes all Information Technology (IT) and Operational Technology (OT) technologies and environments. With the accountability for providing technical expertise, support and services on all Infrastructure related initiatives, this role works closely with various IT and business subject matter experts to ensure appropriate security controls are in place to address identified enterprise security risks. Triages Analysts engaged in cybersecurity activities.

General responsibilities of this position include managing network security configuration (for Routers, LAN, WAN, VPN), vulnerability and patch management, firewall deployment and management, managing identity and access management, managing certificates (such as Public Key Infrastructure (PKI) and digital signatures) and infrastructure cybersecurity technology deployment.

Ensures compliance to standards throughout the organization and remaining up to date on all matters relevant to security technology issues. Works with key external security vendors to support the effective cybersecurity infrastructure operations for the TTC to conduct tuning, patching, and verification according to upgrade and remediation plans.

The incumbent is also responsible for promoting a culture of cybersecurity throughout the TTC.

You will be responsible for Network Security Configuration Management and Vulnerability management and Patching Cadence where in you will perform network security configurations for Routers, LAN, WAN, VPN etc., investigate alerts, triage, perform deep dive and come up with proper action items and remediation plans, handle incidents as defined in playbooks and standard operating procedures and follow-up on remediation actions, identify and validate patches needed based on IT asset class, work closely with the ITS teams to do deploy patches for vulnerabilities across all asset classes and generate reports for patching cadence, create reports to showcase compliance to deployment of patches across IT asset classes, coordinate and report patch compliance to IT leadership, ensure timely follow up with patch management and vulnerability remediation in coordination with support teams.

You will also be responsible for Firewalls, Endpoint and Infrastructure Security Requirements, Infrastructure Technology and Incident response where in you will select the firewall, conduct proof-of-concept, configuration upkeep, and general management of the firewalls, ensure that the firewall health check is conducted to remove duplicate, orphan or shadow rules, create structure/templates that maps rules to use cases to ownership across ITSz, investigate alerts, triage, perform deep dive and come up with proper action items and remediation plans, create a identify and access management program which would lead to creation of AD profiles for roles within the organization, ensure that AD profiles are managed and kept up-to-date and are mapped to evolving structures in the organization, provide subject matter expertise to cybersecurity projects in the areas related to email gateway, endpoint detection and response, SIEM, Cloud security access broker, IPS, IDS and VPN and perform advanced network forensics, including, but not limited to, network logging, network anomaly and Packet Capture (PCAP) analysis.

In addition to the above you will be responsible for treating passengers and/or employees with respect and dignity and ensuring the needs of passengers or employees with disabilities are accommodated and/or addressed (if applicable and within their area of responsibility) in accordance with the Ontario Human Rights Code and Related Orders so that they can fully benefit from the TTC as a service-provider and an employer and perform related duties as assigned.

What Qualifications Do You Bring?

  • University Degree in Computer Science, Information Security, Cybersecurity, or a related field as well as significant Cybersecurity experience (MDR, SOC and other security solutions) and progressive experience in Microsoft and Linux platform environment or the equivalent combination of education and experience.
  • Demonstrate a current and working knowledge of Information Security best-practices, methodologies, and techniques.
  • Progressive experience triaging security events related to malware, security log analysis (SIEM), EDR/MDR/NDR Tools, vulnerability and patch management, and the Incident Response (IR) process.
  • Extensive experience with intelligence analysis processes and cyber investigation.
  • In-depth understanding of networking principles including TCP/IP, WANs, LANs, and commonly used Internet protocols such as SMTP, HTTP, FTP, POP and LDAP.
  • Excellent written & verbal communications skills (communicating at all levels with internal & external stakeholders).
  • Strong analytical, problem-solving and troubleshooting skills.
  • Ability to work in a fast-paced environment managing multiple priorities with proven time management skills.
  • Any of the following certifications will be an asset:
  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Security Manager (CISM)
  • Systems Security Certified Practitioner (SSCP)
  • Certified Information Systems Auditor (CISA)

What We Offer

  • Commitment to creating a diverse, equitable and inclusive culture that promotes a sense of belonging and represents and reflects the needs of the communities we serve.
  • A flexible, hybrid work approach that allows colleagues to find balance between their professional and personal lives and making the most of the benefits of working remotely and purpose-driven in-person collaboration opportunities.
  • One of the great benefits of being a full-time TTC employee is becoming a member of TTC defined pension plan.
  • A comprehensive package that covers health, dental, vision and more.
  • Support for professional development opportunities for all colleagues through a broad range of learning programs that include in-person and online training, leadership development, and support for colleagues’ well-being.

Commitment to EDI

The TTC is committed to upholding the values of equity, diversity, anti-racism and inclusion in the delivery of its services and in its workplaces. The TTC is committed to fostering a diverse workforce that is representative of the communities it serves at all levels of the organization, and supports an inclusive environment where diverse employee and community perspectives and experiences bring value to the organization. The TTC encourages applications from all applicants, including members of groups with historical and/or current barriers to equity, including but not limited to, Indigenous, Black and racialized groups, people with disabilities, women and people from the LGBTQIA+ community. The TTC values and supports an inclusive and barrier-free recruitment and selection process. Accommodations for applicants are available upon request throughout the recruitment and selection process, including for those who identify as having a disability. Please contact Talent Management at (416) 393-4570. Any information received related to an accommodation will be addressed confidentially.

The TTC’s policy prohibits relatives of current TTC employees from being hired, assigned, transferred or promoted into positions, where there is a conflict of interest due to a relationship. Should you be selected for an interview, you will be required to disclose the name, relationship and position of any relative who is a current TTC employee.

We thank all applicants for their interest but advise only those selected for an interview will be contacted.

To proceed, you must be logged in.

Forgot password?
Don't have an account? Click Sign Up to get started.
Sign Up