• jobs
  • 5 days ago

jobs description

About the Role:

Reporting to the VP of Technology, the IT Security Analyst is responsible for effectively overseeing and implementing information security controls, addressing daily information security incidents, conducting investigations, and providing recommendations based on the incident's outcome. The successful candidate will identify and implement the necessary controls and processes to ensure the business is protected against cyber security incidents. Passionate about developing policy, the IT security analyst will be an effective communicator influencing organizational decisions.

Key Responsibilities:
• Responsible for policy development, including annual review and risk assessment across the enterprise.
• Driving the business to follow the company's information security policies.
• Provide on-call assistance.
• Identify key vendors, use an online platform to periodically assess vendors' security posture based on risk, and maintain third-party SOC and other independent... audit reports.
• Identify critical information assets and assess the risks associated with data management practices. Maintain updated data flow diagrams to address data protection risks.
• Assist with developing, implementing and testing the security incident response plan. Document all activities during an incident and provide leadership with status updates during the incident life cycle.
• Effectively communicate with users, peers, and management regarding information security-related matters, audits, regulatory requirements, policies, etc. Prepare management presentation reports, including security metrics.
• Assist in developing security-related programs such as employee training, phishing tests, system and vendor audits, client Requests for Information (RFI), document and/or information gathering, and review of user exception requests.
• Work closely with infrastructure, business teams, and third-party security service providers to help achieve the desired security goals and objectives.
• Support IT system owners with Disaster Recovery and Business Continuity Planning and testing. Maintain DRP/BCP documentation for all major IT areas.

Job-Specific Knowledge and Skills:
• 4+ years of IT Network/System Administrator and IT Security Experience.
• Must have experience in successfully implementing policy, standards, and technical security Controls.
• Must have In-depth knowledge of Security Frameworks, Governance and Compliance Documentation, Industry Audit requirements (ISO27001, IATF, TISAX), Azure, Office365, and Entra (AAD)
• Should be familiar with Networks and Data communications, System Management Activities, Active Directory, Microsoft O/S, Exchange Server, Desktop applications, Firewall and Database Management Systems

• 3- or 4-year College degree in Computer Science program or equivalent

Certifications / Designations:
• Must have any of the certifications such as MCITP Enterprise Admin, ITIL, CCNA
• CISSP – Certified Information Security Professional and CGRC – Governance, Risk & Compliance is an asset.

The employee will require a valid Driver’s License and a vehicle to travel to other sites/branches in Ontario or the U.S. The employee may require a valid Passport to travel into the U.S., Mexico, or other countries
Brampton ON


Apply - Information Technology Security Analyst Brampton