Security Analyst

We are looking for a Security Analyst! Reach out if you are interested and feel free to refer friends/colleagues!

Type of Employment: Contract
Title: Security Analyst
Term: Contract – 6 months with extension
Location: Toronto – Hybrid once a week on-site
Industry: Banking
Job ID number: 182

Job Description:

The Consultant, Information Security is responsible for delivering technical expertise in the development and support of activities, processes, procedures and tools for protecting technology based information. The role works on complex issues involving one or more technical areas, mentoring employees and performing tasks of advanced technical depth and breadth. The Consultant, Information Security troubleshoots complex issues for all levels while reviewing, developing, testing and implementing security plans and control techniques. The role exercises independent judgement and decision making within ownership of projects, defining and supporting the implementation of the minimum security configuration for all IT hardware and software and ensuring that industry best practices are maintained. Using strong analytic and inductive thinking, the role assesses projects for security risks, identifying the potential exposures, and presenting recommendations that are practical and achievable, enabling the business to make informed risk decisions.

How you’ll succeed

• Operations – Design PAM processes and strategies to securely manage the privileged ID lifecycle. Implement, configure, deploy, & support PAM solutions. Provide PAM subject matter expertise for business and technical project teams. Coach and serve as a technical escalation resource to team members on all PAM related technical issues. Execute cloud vision by providing technical expertise/guidance in cloud technologies. You will rotate on-call coverage with the rest of the team.
• Security assessments – Leverage your expertise in Information Security Management to prepare and conduct assessments for both planned initiatives and unplanned instances. Perform clear and thorough threat and vulnerability scans of internal and external devices. Use your knowledge of processes, tools, techniques, and practices for assuring consistency to standards associated with accessing, altering, and protecting organizational data.
• Consulting – You will be responsible for collaborating with projects and other technology or business partners to create and execute privileged access management for new & existing infrastructure, aligning with Identity & Access Management (IAM) initiatives and related policies, standards, and procedures to help enhance our information security posture. Assist other teams in investigation of potential security incidents and provide recommendations to remediate.
• Risk reviews – Examine and interpret requirement documents and architecture diagrams. Collaborate with senior leaders and make informed, risk-based recommendations to enhance information system security. Weigh business needs against security concerns to help guide the business to make practical and informed risk choices.
• Continuous Improvement – You will be well-versed with key information security processes and policies, as well as related operational enterprise processes and policies leveraged across technology. You will recommend solutions to enhance processess, eliminate risks, and improve the speed and quality of key services to our partners. Apply appropriate tools to perform problem determination and root cause analysis; identify bottlenecks, redundancies and vulnerabilities of existing processes as they relate to identity and access management. Conduct gap analysis of existing process/procedures, development/maintenance of clear training/work level instruction documentation, review and update of controls and supporting documentation, coordinate and maintain currency of all knowledge related to the Lifecycle of Privileged Access Management.

Must Have Requirement:

• 5+ years’ experience in Information Security Analyst (PAM)
• Cyberark experience L2 operations/L3 security engineering experience (PSM, CPM, PVWA, Bulk uploads) – 5 years
• IAM experience – 3 years
• Operating system (windows/Linux/Unix, all data base platforms, mainframe AS400) – 5+ years
• Working technical knowledge of cryptography (synchronous, Asynchronous encryption standards), SSL certificates and SSH keys. –
• Active directory – 5 years
• Sailpoint experience – 3 years
• Strong communication skills

Nice to Have:

• History as a developer with experience in various
• Familiarity with enterprise change management processes
• Knowledge of Cloud Computing technologies – Azure
• Agile experience
• Exposure to code promotion processes
• CISSP certification is an asset.
• Jira and confluence