JOB DESCRIPTION

Job Title

IT & Security Operations Specialist

Classification

Full-time, Regular

Reports To

VP Engineering

Revision Date

Mar 20, 2025

Location

St. Johns, NL

Salary

Summary

The IT & Security Operations Specialist will be responsible for managing our teams computing environment, administering IT systems, ensuring our AWS cloud infrastructure aligns with security best practices, and supporting our security+privacy compliance efforts. The ideal candidate is comfortable working across IT administration, software development, cloud security, and compliance while helping implement policies and processes that protect our organization.

What youll do!

IT Administration & Support

• Manage and support our team's IT environment (MacOS centric)
• Administer user provisioning, access control and endpoint security policies.
• Manage Single Sign-On (SSO), MFA and identity management solutions.
• Configure and maintain web and email security protocols.
• Provide troubleshooting and IT support for team members as needed.

Cloud & Security Operations

• Manage and optimize our AWS cloud infrastructure, ensuring secure configuration and compliance with security best practices.
• Implement and monitor security controls, IAM policies, network security, and encryption across cloud environments.
• Coordinate with development teams to ensure secure CI/CD pipelines, logging, and monitoring are in place.
• Conduct regular security assessments, vulnerability scans, and incident response when needed.
• Proactively monitor and analyze security alerts, logs, and events to detect and respond to threats.
• Familiarity with Infrastructure as Code would be an asset

Compliance & Security Governance

• Maintain our compliance program (SOC2, HIPAA, GDPR), ensuring controls are implemented and followed.
• Collect and manage evidence for audits and compliance assessments.
• Support internal and external security audits, providing documentation and remediation plans.
• Continuously improve security policies and procedures, ensuring alignment with industry best practices.
• Perform periodic access reviews to ensure adherence to least privilege and "need to know" principles.
• Support employee security awareness initiatives and training programs.
• Provide documentation and feedback to stakeholders on security controls

What youll bring!

• 3+ years of experience in IT administration, security operations, or cloud security.
• Experience managing MacOS environments, including MDM and endpoint security solutions.
• Hands-on experience with AWS security best practices (IAM, networking, logging, encryption).
• Strong knowledge of authentication, web, and email security protocols (SSO, MFA, HTTPS, SSL/TLS, SSH, DKIM, DMARC, SPF).
• Familiarity with security and privacy compliance frameworks (SOC2, ISO27001, HIPAA Security Rule, GDPR) control implementation and audit processes.
• Experience with security tools for monitoring, logging, and vulnerability management.
• Strong analytical and problem-solving skills, with the ability to work independently in a fast-paced environment.
• Relevant cybersecurity certifications are preferred.
• Any experience administering or securing Salesforce implementations would be an asset

KPIs of this Role

• Delivery Timelines - percentage of IT or compliance tasks completed within planned timeframes
• Policy Adherence - percentage of work processes compliant with documented cybersecurity policies
• System Availability & Issue Response time - minimize team downtime and time to recover from issues