Senior Programmer/Analyst, Security Analyst

Okanagan College



Okanagan College transforms lives and communities.  We are one of Canada’s leading colleges.  We create outstanding educational experiences for our learners, both students and employees.  We work and learn in a welcoming and caring culture.  We are a catalyst for change through collaboration with our learners and partners.  We serve, lead and anticipate the social, economic and environmental needs of communities.

Position Title:

Senior Programmer/Analyst, Security Analyst

Competition Number:



IT Services


Network Services




Position Summary:


Under the direction of the Manager, IT Security, the Senior Programmer Analyst, Security Analyst provides subject matter expertise, advisement, implementation, and senior technical security experience to the Okanagan College IT department. Responsibilities include ongoing protection of information security assets, devices, applications, networks, websites, on-premise and cloud-based systems. The role guides development and implementation of new security solutions or system changes and provides incident response, investigation, mitigation, and prevention activities. The Security Analyst is hands-on with daily IT operations and technical teams to ensure Okanagan College delivers secure services, protects sensitive information, and follows regulatory and industry security best practices. Additionally, participates in the creation and maintenance of policies, standards, baselines, guidelines and procedures, conducts audits, penetration testing, vulnerability assessments, and assists with security advocacy and awareness training throughout the organization.


Education and Experience:


Graduation from a four-year university/college computer science program, plus a minimum of 6 years progressive and directly related technical experience in the areas of IT Security, Penetration Testing, Software Development and/or Systems Administration. Comprehensive knowledge of information security principles, standards, best practices, and industry trends is required. Professional certifications or extended training in Penetration Testing, Network/Application Security, Cloud Security, Service virtualization or Windows and Linux System Administration are an asset. (Examples: GIAC, CISSP, CISM, OSCP, CompTIA Security+) Experience working in Post-Secondary Education environment, or with large public sector enterprise systems would be an asset


Skills and Abilities:


Strong security, system administration, networking, and software abilities, including:
• Comprehensive knowledge of information security principles, standards, best practices, and industry trends. Familiar with common attack vectors, tools, and mitigation strategies. Able to deploy and use security tools and techniques in daily operations
• Exceptional analytical, troubleshooting, and problem-solving skills. Ability to investigate and assess security, network, and software-related issues, analyze data such as logs or packet captures from various sources within the enterprise and draw conclusions regarding security incidents, system access, functionality, or other troubleshooting
• Ability to perform security audits, network and application penetration testing, vulnerability assessments, incident response/management, and general security assessments/testing. Can produce written reports to communicate findings and make recommendations to technical teams and management
• Ability to define, apply, promote, and advocate for security best practices, standards, data privacy, secure architecture/coding, and quality assurance standards across the organization
• Advanced networking concepts, understanding of web application communication and network protocols, including DNS, TCP/IP, UDP, HTTP/S, SSL/TLS, IP addressing, ports, web sockets, network firewall and switch configuration
• Advanced System and OS Administration on Windows and Linux servers. Comfortable with system configuration and hardening, patching, command line tools, shell/batch scripting (Linux Bash/shell, Windows Powershell, Python, etc)
• Strong architectural and design concepts, including application stacks, high availability, load balancing/proxy, SSL, SSO, security, authentication and authorization, session management, Active Directory integration
• Solid understanding of virtualization, containerization, orchestration, cloud service architecture, build pipeline and deployment automation, infrastructure as code (VMWare, Docker, Kubernetes, Git, Jenkins, Azure, AWS)
• Good relational database concepts and SQL skills using enterprise databases (e.g. Oracle, MS SQL Server, MySQL)
• Exceptionally motivated learning ability. Researches latest security products, trends, malware, exploits, attack vectors and stays up to date with emerging technologies and tools. Actively seeks continuous improvement and professional development
• Very strong written, oral, and interpersonal communication skills. Must be able to participate in meetings and group discussions, work effectively with interdisciplinary teams, create formal and informal documentation, and exercise courtesy, professionalism, tact and discretion
• Highly self-motivated and directed; Ability to work with limited supervision, provide supervision and guidance to others within subject matter expertise area. Ability to work both independently and in a team-oriented, collaborative environment
• Ability to effectively prioritize and execute tasks in a high-pressure environment
• Leads by example, creates positive team culture, demonstrates technical and service excellence


Appointment Type:

Support – Regular Full-time

Appointment Start Date:


Annual Salary/Hourly Rate:

$57,693 – $65,971. NOTE: In addition to the annual salary, a $10,000 annual labour market stipend applies to this position.

Special Instructions to Applicants:

Shortlisted internal candidates must notify the current Support Staff Bargaining Chairperson and Human Resources if they want a Union Observer during interviews and final selection of candidates.


Posting Opening Date:


Posting Closing Date:


How to Apply

To apply for this position, please go to the following website: and complete an on-line application.