Security Analyst

HRBrain

CONTRACT
Canada
Posted 1 year ago

We are looking for a Security Analyst! Reach out if you are interested and feel free to refer friends/colleagues!

 

Type of Employment: Contract
Title: Security Analyst
Term: 9-month Contract – 35 hours
Location: Waterloo or Montreal
Job ID number: C1004

 

Brief description of duties:

 

As a member of the Group Benefits Retirement Services (GBRS) IT Risk Management team, you will serve as the technical authority answering to our client security assessments by actively participating in client calls and attending meetings to understand what the client’s Security Compliance requirements are.

Responsibilities

  • Interact with the client’s Global Information Risk Management team, Canadian Division Information Risk Management team, the Global Security and ETS teams
  • Develop a solid grasp of overall polices and security standards
  • Support security assessments which will include self-assessment questionnaires, contract reviews, site visits and external audit reports analysis
  • Provide Controls, Audit, and Compliance consulting support for Program(s) and Program teams and initiatives
  • Consult with the Group Benefits business unit on information security, compliance, and controls requirements
  • Assess compliance and drive remediation/alignment with the client’s Security Policies, Standards and Procedures
  • Review and provide assessments into the control monitoring process, ensuring that appropriate internal controls are followed for all underpinning processes

 

MUST haves:

 

  • Bachelor’s degree in computer science or equivalent and relevant professional experience
  • At least 3 – 5 years of working experience in information security audit and contracts reviews.
  • Professional certification(s) related to information controls, audit, or compliance such as CISSP, CRISC, CISM, CISA, GIAC is helpful
  • Extraordinary written and oral communication skills
  • Working knowledge of French is considered an asset
  • Must have a deep understanding of IT controls combined with information technology audit and compliance experience
  • Must have the ability to analyze and synthesize information and complex issues to develop meaningful analyses to help make informed decisions
  • Must have the ability to analyze and form an opinion on risks and controls relating to systems and link to associated business impacts
  • Must have the ability to voice opinions (supported by facts), call out issues and ideas, and positively handle conflict
  • Must be familiar with IT General Controls
  • Solid understanding of industry frameworks such as NIST, ISO, COBIT5, and CSA

Job Features

Job CategorySecurity Analyst
Information security audit3-5
Contracts review3-5

Apply Online