25 Oct
WSP USA
Calgary
The Opportunity: The Attack Surface Reduction Analyst will play a critical role in enhancing our organization's cybersecurity posture by identifying, assessing, and mitigating vulnerabilities and threats across our digital environment.
This role involves a combination of strategic analysis, hands-on implementation, and collaboration with various teams to reduce our attack surface and improve our overall security resilience.
Why choose WSP?
We value and are committed to upholding a culture of
inclusion
and
belonging
Our
Flexible
Work Policy – we recognize the importance of balance in our lives and encourage you to prioritize the balance in yours.
We will support you on and off the job so you can be fully present in both your work and home lives.
A
Canadian
success story - we're
proud
to wear the red and white of this beautiful country and show the world what Canada has to offer.
Enhance
the world around you - from the environment to the highways, to the buildings and the terrain, WSP is the fabric of Canada.
Outstanding
career opportunities - we're growing and pushing ourselves every day to be greater than yesterday - we're open to
your
ideas and trying
new
things.
A phenomenal
collaborative
culture and a workforce filled with genuinely
good
people
who are doing humbly important work.
Come find out for yourself what it's like to be a part of our journey.
We offer attractive pay, flexible work options, a great corporate culture, comprehensive and employee-focused benefits including virtual healthcare and a wellness platform as well as great savings programs, and a clear vision for the future.
#
WeAre
WSP
What you can expect to do here:
Specific areas of responsibility may fall into any one of the following areas of Attack Surface Reduction: Vulnerability Assessment: Conduct thorough assessments to identify potential vulnerabilities and weaknesses in our systems, applications, and networks.
Attack Surface Analysis: Analyze and map out the organization's attack surface, including endpoints, network components, applications, and cloud environments, to identify areas of risk.
Mitigation Strategies: Develop and implement strategies and controls to reduce attack vectors and minimize potential entry points for malicious activities.
Risk Evaluation: Continuously evaluate emerging threats and vulnerabilities and assess their impact on our attack surface.
Incident Response Support:
Collaborate with the Incident Response team to address and resolve security incidents related to identified vulnerabilities or attack vectors.
Collaboration: Work closely with I&O;, Risk, SOC, Sec
DevOps, and other relevant teams to integrate security practices into the development and deployment processes.
Security Tools: Utilize and configure security tools and technologies for vulnerability scanning, threat intelligence, and attack surface monitoring.
Documentation & Reporting: Maintain detailed documentation of vulnerabilities, risk assessments, and mitigation actions.
Prepare and present reports to stakeholders on security posture and risk status.
Continuous Improvement: Stay current with industry trends, threat intelligence,
and emerging technologies to continually enhance our attack surface reduction strategies.
Leadership and People Responsibilities
Develop positive working relationships with other team members and business partners and partners across teams to align with WSPs internal and external client demands.
Provide feedback on the governance process for continued improvement.
Finance/Budgetary Responsibilities
Provide feedback on tooling and identify additional needs
Plan for expanse of security tools to cover ongoing needs
Evaluation of license usage and potential growth
What you'll bring to WSP:
Required
7-+ years related experience in Security Operations, Network Security, Vuln.
Management or similar position.
Bachelor's degree or equivalent in Information Technology, Computer Science, Engineering, Data Sciences, or related field
Strong knowledge of security assessment tools, vulnerability scanning, and penetration testing
Proficiency in security tools: Microsoft Defender, Microsoft Defender EASM, Bit
Sight, Cybel Angel and others.
Strong analytical skills with a keen eye for detail and accuracy
Effective communication skills, with the ability to clearly convey technical concepts to both technical and non-technical stakeholders
Experience with IT Governance frameworks such as COBIT, ITIL, NIST and ISO 2700x
Experience with risk management, including risk analysis, mitigation, and monitoring
What sets you apart
Master's degree in information technology,
Computer Science, Engineering, Data Sciences or related field
Security+, CISSP, or other related certifications.
WSP
is one of the world's leading professional services firms.
Our purpose is to future proof our cities and environments.
We have over 65,000 team members across the globe.
In Canada, our 12,000+ people are involved in everything from environmental remediation to urban planning, from engineering iconic buildings to designing sustainable transportation networks, from finding new ways to extract essential resources to developing renewable power sources for the future.
At
WSP
:
We value our people and our reputation
We are locally dedicated with international scale
We are future focused and challenge the status quo
We foster collaboration in everything we do
We have an empowering culture and hold ourselves accountable
Please Note: Health and Safety is a core paramount value of WSP.
Given the importance of keeping one another safe it is expected that you comply with our Health, Safety & Environment (HSE) policy at all times as well as client HSE policies when working at client locations.
Offers of employment for safety-sensitive positions involving fieldwork are contingent upon candidates being able to perform key physical tasks of the job as described in the job posting and interview.
This may include the ability to work in a variety of environmental conditions, such as remote or isolated areas, working alone,
and in inclement weather (within safe and reasonable limits).
WSP welcomes and encourages applications from people with disabilities.
Accommodations are available on request for candidates taking part in all aspects of the selection process.
WSP is committed to the principles of employment equity.
Only the candidates selected will be contacted.
WSP does not accept unsolicited resumes from agencies.
For more information please
READ THE FULL POLICY. (https://www.wsp.com/en-CA/careers/notice-to-staffing-agencies)
▶️ Attack Surface Reduction Analyst [OneIT]
🖊️ WSP USA
📍 Calgary