Infrastructure Security Analyst - USA

CBN Secure Technologies Inc. (CBN STI) is an award winning provider of secure Driver & Vehicle solutions to the US States of New York, Virginia, North Carolina, South Carolina and Wisconsin. CBN STI is a subsidiary of Canadian Bank Note (CBN) Company, Limited. CBN designs and develops industry leading solutions for the following domains: Driver & Vehicle, Border Security, Civil Identity, Excise Control, Currency and Lottery and Charitable Gaming. To learn more, visit www.cbnco.com.

We seek long term relationships with our employees and recognize and reward them with a competitive total compensation package that includes:

• A 401k with company matching contributions;
• Group health, dental, vision, and life insurance;
• Access to the market leading employee and family assistance program;
• Access to virtual mental health and wellness apps.

We will provide you with a wealth of learning opportunities and challenging work that will grow your knowledge, skills and abilities. At CBN STI, we encourage and empower our employees to chart their own career path, putting you in control of your future.

Internal Job Title: IT Security Analyst

Job Type: Permanent, Full-Time

Job Location: United States

Work Model: Remote 

Position Summary

As an IT Security Analyst at CBN Secure Technologies Inc., you will play a key role in both the strategic and hands-on protection of our enterprise systems. You will be responsible for hardening infrastructure, integrating security systems into deployments, and directly supporting the secure configuration of enterprise applications while managing SIEM operations, incident response, and vulnerability reviews.

Your work will also include building automation pipelines, performing system audits, and collaborating with infrastructure teams to enforce security standards from the ground up.

We encourage fresh ideas and value your input on how security should be implemented, giving you the opportunity to shape our security program.

Responsibilities

• Technical Security Operations
  • Deploy, configure, and harden Linux systems and applications with a security-first approach, ensuring on-premises installations follow best practices.
  • Build, maintain, and secure pipelines using automation and scripting languages to streamline configuration management and enforce security baselines.
  • Collaborate with infrastructure and operations teams to integrate security into deployments, upgrades, and system migrations.
• Security Incident and Event Management
  • Design, implement and maintain automated processes within the SIEM environment to enhance threat detection, incident response and log management.
  • Collaborate with cross-functional teams to integrate security controls and enhance the overall effectiveness of the SIEM solution.
  • Develop and maintain automated responses to common security incidents.

• Operational Security Prime
  • Collaborate with Risk and Compliance personnel to gather evidence for Compliance requirements (SOC II, ISO 27001, PCI, NIST 800-53, etc.).
  • Develop and implement processes for daily/weekly/monthly evidence collection, ensuring accuracy, completeness and timeliness in response to audit requests.
  • Collaborate with stakeholders to address compliance gaps and implement corrective actions.

• Technical Security Analysis
  • Monitor SIEM alerts and investigate security incidents to determine the root cause and appropriate remediation actions.
  • Design, implement and maintain automated security processes to enhance efficiency and reduce response times.
  • Prioritize and remediate identified vulnerabilities in collaboration with system owners and IT teams.
  • Create and maintain documentation related to security policies, procedures and configurations.

• Collaboration and Communication
  • Communicate security risks and findings to technical and non-technical audiences effectively.
  • Build relationships with stakeholders across groups to understand needs and requirements and the associated notification process.

Education and Knowledge

• Bachelor's degree in Computer Science (or similar) or an equivalent combination of relevant education and additional relevant work experience
• SANS, ISACA or GIAC certification is preferred
• Knowledge and experience with the following:
  • Systems & Infrastructure
    • Hands-on experience with Linux administration
    • Experience with configuration management and automation tools (Puppet, Ansible, Terraform)
  • Compliance & Frameworks
    • Exposure to regulatory and security frameworks (NIST 800-53, SOC II, ISO 27001, PCI-DSS)
    • Experience participating in audit evidence collection and remediation efforts is an asset
  • Log Management and/or SIEM systems experience (asset)

Experience

• 4+ years in Systems Administration or similar role
• 1+ year in an IT security related position is preferred

Technical Environment

• OS/Command Line: Linux, Windows
• Security Technologies: IAM/RBAC, Conditional Access, MFA, H/NIDS, Traditional Perimeter and Endpoint security
• Automation Languages: Python, Ruby, Bash, PowerShell
• Source Control & CI/CD: Git, GitLab, GitHub, etc.
• Virtualization: VMWare, oVirt, XCPng, Kubernetes, Docker, etc.
• Standards & Benchmarks: CIS Benchmarks, DISA STIGs, NIST National Vulnerability Database (NVD), etc.

Competencies and Soft Skills

• Self-Direction & Initiative
• Analytical & Problem-Solving Mindset
• Technical Curiosity & Growth Mindset
• Collaboration & Teamwork
• Clear & Adaptable Communication
• Resilience & Adaptability

Mandatory Requirements

• Legal Status: Must be legally eligible to work in USA
• Language: Must be fluent in English (reading, writing, speaking)
• Travel: Ability to travel approx. 3-6 weeks/year

Equal Opportunity Employer

CBN STI is committed to achieving a skilled and diversified workforce that reflects the diversity of the American population. We encourage applications from everyone, regardless of age, race, disability, gender identity, religion, sexual orientation, or marital status. We are also committed to developing inclusive, barrier-free selection processes and work environments. If contacted regarding this competition, please advise the interview coordinator of any accommodation measures you may require.