• Help monitor Stantec’s systems for signs of intrusion • Work closely with the IT Security team to investigate, contain, and remediate security incidents • Perform operational reviews of IT security systems and monitor key consoles • Participate in the investigation of alleged security breaches to help determine root cause, impact, remediation • Respond to incidents reported by users through Stantec's IT ticketing systems • Assist IT Security administrators in management and operational configuration of IT Security systems and controls • Document all security incidents and near misses reported in our incident response system • Other duties as assigned

• Apply expert knowledge of concepts, processes, practices, and procedures on technical assignments • Support enterprise Cybersecurity standards • In coordination with Government develop and implement Cybersecurity standards and procedures • Coordinate, develop, and recommend security processes for an organization • Recommend Cybersecurity solutions to support customers’ requirements • Identify and report security violations • Recommend and satisfy Cybersecurity requirements based upon the analysis of CSPP, policy, regulatory, and resource demands • Support customers at the highest levels in the development and implementation of processes and policies • Apply know-how to government and commercial common user systems, as well as to dedicated special purpose systems requiring specialized security features and procedures • Support design and development of security features for system architecture requirements • Analyze and make recommendations of security requirements for computer systems which may include mainframes, workstations, and personal computers • Support design, development, engineering, and implementation of solutions that meet CSPP requirements • Provide integration and implementation of the computer system security solution • Analyze general Cybersecurity-related technical problems and provide basic engineering and technical support in solving these problems • Support vulnerability/risk analyses of computer systems and applications during all phases of the system development life cycle • Perform all procedures necessary to ensure the safety of information systems data assets and to protect systems from intentional or inadvertent access, theft, or destruction • Ensure that all information systems are functional and secure • Provide subject matter expertise, direction, guidance, tracking, and support on cyber security, risk management, continuous monitoring, security Assessment and Authorization (A&A), and business processes that support a metric-driven environment • Develop, maintain, and update Plans of Action and Milestones (POA&M) to identify system weaknesses, mitigation, and timelines for applying corrective actions

Role Description We are seeking a Cybersecurity Analyst who is available to work out of our Chicago, IL, Cleveland, OH, or Charleston, SC office. The Cybersecurity Analyst will have the exciting opportunity to play a key role in expanding Brookfield Property’s information security program. You will be responsible for working with the security engineering team to: - Remediate threats - Identify opportunities to improve security processes - Hunt for emerging threats - Maintain our industry-leading portfolio of security tools This is a hands-on role; familiarity with Enterprise Security Architectures, Windows systems, Networking, and OT/BMS is critical. Overall, we seek qualities that display our company’s core values which are Humility, Attitude, Do the Right Thing, Together, and Own it. Role & Responsibilities: - Review security incidents to remediate threats and help lead the escalation of security events in conjunction with the incident response plan - Monitor and support security tools to ensure effective detection and response, including assisting with tuning to reduce false positives - Work with our MSSP and other vendors to optimize the escalation processes and reduce false positives - Collaborate with business and technology teams to promote security awareness and support security best practices - Follow established playbooks and operational procedures during incident response, and contribute feedback for continuous improvement - Participate in generating operational improvements through security orchestration and automation tools Qualifications - Bachelor’s degree in Computer Science, Information Security/Cybersecurity, or a related discipline (machine learning, statistics, mathematics, etc.) - At least 1 year of experience in Security or 3 years in IT including Incident Detection, Incident Response, System Administration, or Service Desk - Understanding of fundamental security architecture and networking concepts - Ability to assess and prioritize multiple alerts or incidents based on risk and business impact - Experience participating in major incident response efforts within a fast-paced environment - Able to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood and authoritative manner - Knowledge of forensics techniques to determine root cause for security incidents - Documentation and process improvement skills - Experience with Windows, networking, or audit logs, SIEM technologies are a plus - Proven track record of analyzing, diagnosing and solving complex issues - Experience with Cloud technologies including AWS, Azure, and GCP - Security+, CySA+, or equivalent foundational certifications Desired Skills - Previous experience in an environment with extensive OT/IoT presence - Communication skills that translate technical concepts to non-technical stakeholders - Ability to find a balance between Security and Business objectives, by creating a culture where security is a major consideration - Scripting in Python, Bash, or other common languages - Process improvement through automating tasks or scripting Benefits - 401K matching - Tuition reimbursement - Summer Fridays - Paid maternity leave - Generous employee referral program Company Description Brookfield Properties strives to create spaces where going to work never feels routine. We are proud to create a diverse environment and are proud to be an equal opportunity employer. We are grateful for your interest in this position; however, only candidates selected for pre-screening will be contacted.

Role Description The Information Security Awareness Analyst is responsible for analyzing, implementing and maintaining security controls which enforce the information security policies and security best practice at Children's Minnesota. The analyst will focus on managing and utilizing our security awareness training tools and resources to train users and intensely raise security awareness across the organization. The analyst is also expected to have knowledge of security monitoring tools and responding to security threats and incidents to support SOC activities as needed. The ideal candidate should possess a combination of soft skills and technical skills and have experience training and communicating with users at all levels. Qualifications - Associate's degree in a computer field or equivalent Information Security work experience required. - Bachelor's degree preferred. - 2 to 4 years of IT experience with responsibilities for Information Security. Requirements - CISSP, CompTIA Security+, GIAC certifications or similar preferred, but not required. - Knowledge and experience running and managing Security Awareness tools such as KnowBe4 to conduct phishing exercises. - Knowledge and experience developing security awareness content, including newsletters, PowerPoints, security tips, guidelines and other materials. - Knowledge and experience training, presenting and communicating with users at all levels. - Knowledge and experience developing security awareness training initiatives that reduce the risk of user behavior / insider threat. - Knowledge and experience with threat intelligence, conducting threat research and documenting threat/vulnerability briefings for leadership. - Ability to identify security issues gaps or risks in People, Process and Technology, and recommending mitigation strategies to management. - Ability to utilize SOC tools and processes, preferably in M365 environment, which may include working with our MDR provider, incident response plans, SIEM, forensics, DLP and CASB tools. - Ability to work effectively as a team member and independently with minimal supervision. - Excellent written and verbal communication skills. - Strong knowledge of Microsoft Office suite of products - Word, Excel, PowerPoint, Visio, etc. Benefits - Medical, dental, vision, retirement, and other fringe benefits may be available. - Positions that require night, weekend or on-call work may be eligible for shift differentials or premium pay.