Security Analyst
Halifax / Nova Scotia / Prince Edward Island / Charlottetown, PEI / New Brunswick
G&A – IT & Info Sec /
Full-time /
Remote
The Company
Simply put, SpryPoint provides Smart Solutions for Smart Utilities.
Founded in 2011, SpryPoint is a leading provider of cloud-based solutions for the utility sector. Our team of experts has extensive experience serving utilities across North America, and we are dedicated to helping our clients improve their operations and better serve their customers. Our solutions include advanced billing and customer relationship management tools, as well as powerful analytics and data management capabilities. We are proud to have been recognized by industry experts and our clients alike for the value and innovation we bring to the market.
In February of 2023, SpryPoint received a strategic investment from Norwest, a leading venture and growth equity investment firm. With this investment, SpryPoint will build on its significant business momentum over the past three years, expanding its team and positioning the company to continue increasing market share of its mission-critical, cloud-native solutions for smart utilities.
Position Overview
SpryPoint’s Security Team enhances cyber resilience by proactively identifying and addressing potential vulnerabilities within the enterprise environment through attack simulations. This role collaborates intensively with IT, DevOps, and Development teams to strategize, organize, implement, and communicate efforts aimed at identifying and fortifying detection gaps and control vulnerabilities, thereby strengthening cyber defense capabilities across the enterprise.
Responsibilities
- Quickly understand and utilize SpryPoint’s SOC technologies, including but not limited to a Security Information Event Management (SIEM) platform, Intrusion Detection System (IDS), Endpoint Detection & Response (EDR) solution, and insider threat tooling.
- Act as an internal expert on matters relating to intrusion detection and incident response (IR).
- Respond to security events and threats from alerting, escalations, and other sources. Be responsible for running security incident response activities – triage through recovery/closure.
- Lead complex investigations and conduct deep analysis of security events, across various company security platforms, focused on rapid containment and remediation.
- Perform Threat Hunting activities when not involved in IR activities.
- Research, simulate, and run penetration tests using open source tools.
- Lead security projects/activities with other groups according to need.
- Work closely with IT to improve monitoring, detection, tooling, and integrations.
- Track industry cybersecurity attacks and vulnerabilities and work proactively to address cyber risks (think SolarWinds, Log4j, etc.).
- Provide high quality written and verbal reports, as required.
Qualifications and Competencies
- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a similar field preferred. In lieu of education requirements, relevant industry experience will be considered.
- 1+ years of Security Operations Center (SOC) and Incident Response (IR) experience is a big plus.
- Understands threat analysis models like MITRE ATT&CK Framework and the Cyber Kill Chain.
- Familiarity with OWASP ZAP, Burp Suite, Metasploit, OpenVAS, NMAP, or similar tooling.
- Experience with Linux and MacOS operating systems and threats that target them.
- Cloud security experience – AWS preferred.
- Python and terraform/OpenTofu are nice to have.
- Curiosity and strong desire to constantly learn.
Full-time Employee Benefits and Perks
- Remote-first and autonomous working environment
- Flexible working hours
- Competitive compensation package
- $500 towards your home office setup
- Health, dental, vision, and life insurance
- Book bounty program, get reimbursed $100 for each book read and reviewed
- Professional development courses + $2,500 tuition assistance annually
- Summer Friday’s, take ½ day Friday’s
- Employee referral program: $2,000 per new FTE hired
- Snacks and drinks (☕🍺🥤) in our HQ on Prince Edward Island
- Annual company (SpryPalooza 🤘) and team offsites
- Dress for your day - wear what works for you at work
SpryPoint is an equal-opportunity employer. We do not discriminate on the basis of race, religion, color, national origin, ancestry, sex, sexual orientation, gender identity, age, physical or mental disability, medical condition, genetic characteristics, veteran or marital status, pregnancy, or any other classification protected by applicable local, state, or federal laws. If you have a disability or special need that requires accommodation, please do not hesitate to let us know.
