Senior IT Security Analyst
Date: Jun 10, 2025
Location: Toronto, Ontario, Canada
Company: Kinross Gold Corporation
Start Date: ASAP
Position: Permanent
Hybrid Work Environment (3 days in office, 2 days remote with flexible hours)
Dress Code: Business Casual
Location: Downtown Toronto, Outside of Union Station (TTC & GO accessible)
A Great Place to Work
Who We Are
Kinross is a Canadian-based global senior gold mining company with operations and projects in the United States, Brazil, Mauritania, Chile and Canada. Our focus on delivering value is based on our four core values of Putting People First, Outstanding Corporate Citizenship, High Performance Culture, and Rigorous Financial Discipline. Kinross maintains listings on the Toronto Stock Exchange (symbol: K) and the New York Stock Exchange (symbol: KGC).
Mining responsibly is a priority for Kinross, and we foster a culture that makes responsible mining and operational success inseparable. In 2021, Kinross committed to a greenhouse gas reduction action plan as part of its Climate Change strategy, reached approximately 1 million beneficiaries through its community programs, and recycled 80% of the water used at our sites. We also achieved record high levels of local employment, with 99% of total workforce from within host countries, and advanced inclusion and diversity targets, including instituting a Global Inclusion and Diversity Leadership Council.
Eager to know more about us? Visit the Kinross Gold Corporation home page.
Job Description
The Senior IT Security Analyst will be the technical lead for cybersecurity initiatives with a focus on incident response, endpoint protection, security event monitoring, and identity & access management. This role plays a critical part in safeguarding the organization’s IT infrastructure, detecting and mitigating threats, and ensuring compliance with security standards. Beyond day-to-day operations, you'll be a strategic thinker, proactively identifying and mitigating risks, leading incident response, and mentoring junior team members. You'll contribute significantly to shaping the organization's security posture and culture in an increasingly AI-driven threat landscape.
This is a fantastic opportunity to participate in an exciting journey of modernizing our IT Security practices and technologies, where you'll be instrumental in leveraging cutting-edge AI and Cloud Computing to build a truly resilient defense. If you're passionate about staying ahead of evolving threats, leading strategic initiatives, and mentoring the next generation of security professionals, then this role offers the perfect platform for your expertise and ambition.
Job Responsibilities
- Leadership and Strategy:
  - Help design and implement robust security solutions that align with business goals and the evolving threat landscape.
  - Contribute to the continuous improvement of security architecture, recommending new technologies and services.
  - Act as a security lead on corporate projects, ensuring proper security controls are integrated from inception.
  - Mentor and support junior analysts, serving as a primary escalation point for complex security issues.
  - Conduct security awareness training for staff, fostering a security-conscious culture.
- Cloud Security Architecture & Strategy: Lead the design, implementation, and continuous improvement of security controls and best practices for our cloud platforms, e.g. Azure. This includes securing IaaS, PaaS, and SaaS deployments and integrating cloud security into the overall enterprise security architecture.
- Incident Response: Lead investigations of cybersecurity incidents, perform root cause analyses, and recommend corrective actions. Develop and maintain incident response playbooks, and coordinate remediation efforts, potentially during off-hours.
- Endpoint Security: Manage and optimize endpoint protection platforms (e.g., EDR, antivirus, DLP) across the enterprise. Conduct in-depth vulnerability assessments and penetration testing, recommending and tracking remediation efforts.
- Security Monitoring and Threat Hunting: Configure, monitor, and analyze logs from SIEM tools such as Splunk to detect suspicious activity and generate reports. Proactively hunt for threats, utilizing SIEM & security tools to analyze logs and identify anomalies.
- Identity and Access Management (IAM): Oversee IAM processes, enforce access controls, and ensure proper provisioning and deprovisioning of user accounts. Oversee and enforce robust access controls within cloud environments, including the management of cloud-native IAM services. Ensure proper segmentation, least privilege principles, and secure access for both human and machine identities.
- Risk Assessment and Management: Conduct comprehensive security risk assessments and vulnerability scans. Articulate the impact of control gaps to the business and assist in developing and executing mitigation and remediation plans.
- 3rd Party Risk Management: Conduct Cloud Security Assessments for SaaS and PaaS platforms to ensure vendors are meeting the minimum security requirements prior to deployment. Conduct security assessments for end-user software and desktop applications.
- Policy and Compliance: Develop and enforce IT security policies, standards, and procedures in alignment with industry best practices and regulatory requirements (e.g., GDPR, NIST, ISO 27001). Participate in internal and external security audits.
- AI-Driven Security Integration & Oversight:
  - Leverage AI for Enhanced Threat Detection: Proficiently use AI-powered tools like Next-Generation SIEM and XDR to analyze vast volumes of data, detecting subtle anomalies and complex attack patterns that traditional methods might miss. Understand how AI reduces alert fatigue by prioritizing critical threats.
  - Automate Routine Tasks with AI: Identify and implement opportunities to automate security processes, such as alert triage and initial incident investigation, using AI and scripting.
  - Stay Current with AI-Powered Threats: Research and understand how attackers utilize AI (e.g., for sophisticated phishing, polymorphic malware) to inform defensive strategies.
  - Contribute to Autonomous SOC Vision: Explore leveraging AI to develop automated security playbooks, moving towards a more predictive and self-healing security posture.
- Collaboration: Work closely with other IT teams to ensure security is embedded throughout the organization. Effectively communicate complex security concepts to both technical and non-technical stakeholders, including senior management.
Education and Experience
- Bachelor’s or Master’s degree in Computer Science, Information Security, or a related field.
- Minimum 8 years of hands-on progressive experience in information security, with a strong background in:
  - Cybersecurity incident detection and response, including leading investigations and forensic analysis.
  - Endpoint security technologies (e.g., Cisco Secure Endpoint, Forcepoint SSL Decryption, Sophos, Trellix EDR).
  - SIEM tools, specifically Splunk (including advanced use of SPL).
  - Identity and Access Management systems (e.g., EntraID, Saviynt, SailPoint).
  - Network security, cloud security principles (AWS, Azure, GCP), and secure software development lifecycle (SSDLC).
- Deep understanding of cybersecurity frameworks (NIST, ISO 27001, CIS Controls).
- Experience with scripting and automation (e.g., Python, PowerShell, Regex) is a strong plus, particularly for integrating with security tools and AI-driven processes.
- Advanced knowledge of security technologies including firewalls, IPS/IDS, EDR, IAM, web/message filtering, and encryption.
- Up-to-date knowledge of the latest security threats, countermeasures, and emerging cybercrime trends, with an emphasis on AI-driven attack methodologies.
At least one of the following is required:
- A certificate from (ISC)²
  - Preferred: CISSP - Certified Information Systems Security Professional
- A certificate from SANS
  - Preferred: GCIH - GIAC Certified Incident Handler
- CEH - Certified Ethical Hacker
- OSCP - OffSec Certified Professional
- Bonus: Splunk certifications (e.g., Splunk Certified Power User, Splunk Certified Enterprise Security Admin)
Key Competencies
- Strong analytical and problem-solving skills, with the ability to perform root cause analysis for complex security incidents.
- High attention to detail and critical thinking, particularly in dissecting security incidents and evaluating AI outputs.
- Excellent communication skills (written and verbal), with the ability to articulate complex technical concepts to diverse audiences, including executive leadership.
- Ability to work independently, manage multiple priorities, and lead security initiatives.
- Strong leadership and mentoring abilities, with a commitment to developing junior team members.
- Proactive and adaptive mindset, especially in response to evolving cybersecurity threats and advancements in AI.