Analyst, Cybersecurity

VIA Rail Canada


Date: 3 days ago
City: Montreal, Quebec
Contract type: Full time
Did you know that VIA Rail is carrying out ambitious projects to modernize its services and infrastructure? From our new ultramodern train fleet to ongoing improvement of our infrastructure, we’re building the future of transportation in Canada. Working for VIA Rail is being a part of a collective effort in sustainable mobility.

As a Cybersecurity Analyst, your key tasks and primary responsibilities will focus on threat detection, analysis and incident response. You will spend a significant portion of your time continuously monitoring and analyzing cybersecurity incidents and threats to ensure timely detection and response. Collaborating closely with the Cybersecurity Operations Team and Managed Security Service Provider, you will be pivotal in protecting the organization's information assets against potential cybersecurity threats.

Your role will also involve maintaining and evolving VIA’s cybersecurity platforms. You will additionally be responsible for handling cybersecurity-related requests and contributing to the continuous improvement of cybersecurity capabilities, processes and protocols.

Responsibilities

Monitoring and Analyzing

  • Monitor alerts from detection platforms and events from various sources, including the Extended Detection and Response (XDR) platform, alerts raised by the Managed Security Services Provider, Identity Protection tools, and network traffic analysis;
  • Analyze and investigate security incidents to determine their impact, scope, and root cause;
  • Triage alerts from detection platforms, identifying and resolving false positives while escalating genuine identified attacks;
  • Handle cybersecurity requests and investigations including Identity & Access Management.

Incident Response

  • Respond to cybersecurity incidents escalated by sources such as VIA's Managed Security Services Provider (MSSP), VIA's Extended Detection and Response (XDR) platform, and internal partners through the ticketing system;
  • Assist in documenting, creating and evolving automated playbooks in response to incidents.

Vulnerability Management

  • Identify and prioritize vulnerabilities, and work with IT teams to remediate them;
  • Assess the organization’s exposure to threats as new advisories are published in private and public threat intelligence feeds.

Cybersecurity Tool Management & Evolution

  • Maintain and configure cybersecurity tools and technologies (Security Email and Web Gateway, Threat Detection Tools, Vulnerability Platform, Privileged Access Management, Cloud Security);
  • Monitor the performance and health of security systems to ensure optimal operation;
  • Implement updates, patches, and upgrades to security tools and systems;
  • Collaborate with other IT teams to integrate and optimize cybersecurity technologies.

Continuous Improvement

  • Stay current with the latest cybersecurity threats, trends, and technologies;
  • Develop and maintain internal incident response playbooks and procedures;
  • Continuously improve security measures based on audit feedback and emerging threats;
  • Implement new technologies and processes to strengthen cybersecurity posture.

Compliance And Reporting

  • Ensure compliance with relevant security policies, standards, and regulations;
  • Support audit activities related to information gathering and documentation improvement;
  • Respond to auditor requests in collaboration with the Senior Advisor, GRC, including providing required evidence, clarifying existing controls, and actively participating in the preparation, coordination, and follow-up of internal and external audits;
  • Contribute to the implementation of audit recommendations and the continuous improvement of the Governance, Risk, and Compliance (GRC) program.

Requirements

  • Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or a related field;
  • Two (2) to four (4) years’ experience in an IT support role such as end-user support, network administration, systems or server administration;
  • At least one (1) year of experience in a cybersecurity domain;
  • Foundational knowledge of cybersecurity operations;
  • Basic understanding of networking (network protocols, configurations and security measures);
  • Desired, but not required: a recognized cybersecurity certification is considered an asset, such as Certified Information Systems Security Professional (CISSP) or Associate, Certified Information Systems Auditor (CISA), CompTIA Security+, or EC-Council (CEH).

Competencies

Tier 1: Critical Technical Skills

  • Understanding of cybersecurity principles, threats, and vulnerabilities;
  • Experience monitoring security information and event management (SIEM) systems and tools, and cross-referencing indicators with threat intelligence feeds, including open-source ones (such as VirusTotal, Hybrid Analysis, etc.);
  • Experience with monitoring networks, detecting threats, and responding to incidents;
  • Familiarity with common attack vectors such as phishing, malware, business email compromise, man-in-the-middle/adversary-in-the-middle and ransomware, along with typical mitigating factors against them;
  • Proficiency in triaging and remediating security events;
  • Strong analytical and troubleshooting skills;
  • Experience with network and security technologies, such as firewalls, IDS/IPS, public key cryptography, mail and web hygiene platforms (including SPF, DKIM, DMARC) and endpoint security;
  • Experience with identity platforms, including role-based access control (RBAC) functions, the principle of least privilege, and access management.

Tier 2: Supporting Technical Competencies

  • Experience configuring and utilizing vulnerability assessment technologies;
  • Experience analyzing the current threat landscape and attack vectors;
  • Demonstrated ability to contribute to the implementation of detection technologies.

Tier 3: Analytical and Problem-Solving Skills

  • Strong problem-solving, critical thinking, and troubleshooting skills;
  • Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one.

Tier 4: Collaboration and Communication

  • Ability to establish and maintain effective working relationships with others;
  • Experience with report writing, investigational techniques, and communicating to large audiences;
  • An ability to effectively influence others to modify their opinions, plans, or behaviors;
  • An understanding of organizational mission, values, goals, and consistent application of this knowledge;
  • Be client-oriented, with a focus on understanding and meeting the expectations of internal and external users.

At VIA Rail, we are proud to be an employment-equity employer and we strive to form teams that reflect the diversity of Canadian society. We aim to remove barriers to employment accessibility and aspire to provide an inclusive and equitable work environment where everyone is valued, regardless of their identity or differences, to enable them to reach their full potential.

If you need assistance in making the recruitment process or the position you are applying for more accessible, please let us know. Alternate arrangements may be offered to individuals who request them at any stage of the recruitment process. All information received in relation to arrangements will be kept confidential.

Note that we will only contact those who are selected for an interview.

Join our 3,000 other employees in helping provide Canadians with a safe, accessible, environmentally sustainable way to travel!