Security Analyst

The Company

Simply put SpryPoint provides Smart Solutions for Smart Utilities.

Founded in 2011 SpryPoint is a leading provider of cloud-based solutions for the utility sector. Our team of experts has extensive experience serving utilities across North America and we are dedicated to helping our clients improve their operations and better serve their customers. Our solutions include advanced billing and customer relationship management tools as well as powerful analytics and data management capabilities. We are proud to have been recognized by industry experts and our clients alike for the value and innovation we bring to the market.

In February of 2023 SpryPoint received a strategic investment from Norwest a leading venture and growth equity investment firm. With this investment SpryPoint will build on its significant business momentum over the past three years expanding its team and positioning the company to continue increasing market share of its mission-critical cloud-native solutions for smart utilities.

Position Overview

SpryPoint’s Security Team enhances cyber resilience by proactively identifying and addressing potential vulnerabilities within the enterprise environment through attack simulations. This role collaborates intensively with IT DevOps and Development teams to strategize organize implement and communicate efforts aimed at identifying and fortifying detection gaps and control vulnerabilities thereby strengthening cyber defense capabilities across the enterprise.

Responsibilities

• Quickly understand and utilize SpryPoint’s SOC technologies including but not limited to a Security Information Event Management (SIEM) platform Intrusion Detection System (IDS) Endpoint Detection & Response (EDR) solution and insider threat tooling.

• Act as an internal expert on matters relating to intrusion detection and incident response (IR).

• Respond to security events and threats from alerting escalations and other sources. Be responsible for running security incident response activities – triage through recovery/closure.

• Lead complex investigations and conduct deep analysis of security events across various company security platforms focused on rapid containment and remediation.

• Perform Threat Hunting activities when not involved in IR activities.

• Research simulate and run penetration tests using open source tools.

• Lead security projects/activities with other groups according to need.

• Work closely with IT to improve monitoring detection tooling and integrations.

• Track industry cybersecurity attacks and vulnerabilities and work proactively to address cyber risks (think SolarWinds Log4j etc.).

• Provide high quality written and verbal reports as required.

Qualifications and Competencies

• Bachelor's degree in Cybersecurity Information Technology Computer Science or a similar field preferred. In lieu of education requirements relevant industry experience will be considered.

• 1+ years of Security Operations Center (SOC) and Incident Response (IR) experience is a big plus.

• Understands threat analysis models like MITRE ATT&CK Framework and the Cyber Kill Chain.

• Familiarity with OWASP ZAP Burp Suite Metasploit OpenVAS NMAP or similar tooling.

• Experience with Linux and MacOS operating systems and threats that target them.

• Cloud security experience – AWS preferred.

• Python and terraform/OpenTofu are nice to have.

• Curiosity and strong desire to constantly learn.

Full-time Employee Benefits and Perks

• Remote-first and autonomous working environment

• Flexible working hours

• Competitive compensation package

• $500 towards your home office setup

• Health dental vision and life insurance

• Book bounty program get reimbursed $100 for each book read and reviewed

• Professional development courses + $2500 tuition assistance annually

• Summer Friday’s take ½ day Friday’s

• Employee referral program: $2000 per new FTE hired

• Snacks and drinks (☕🍺🥤) in our HQ on Prince Edward Island

• Annual company (SpryPalooza 🤘) and team offsites

• Dress for your day - wear what works for you at work

SpryPoint is an equal-opportunity employer. We do not discriminate on the basis of race religion color national origin ancestry sex sexual orientation gender identity age physical or mental disability medical condition genetic characteristics veteran or marital status pregnancy or any other classification protected by applicable local state or federal laws. If you have a disability or special need that requires accommodation please do not hesitate to let us know.