Information Security Analyst


Job posted on 2024-06-26

Barclay Simpson

Information Security Analyst required for a market-leading financial services firm. The role will be focused on supporting their GRC function and assisting with certification of ISO27001.

Role Overview

  • Support the development, implementation, and maintenance of information security policies, procedures, and standards.
  • Support the establishment and enforcement of information security best practices and controls across the Global Executive Office and Member Firms.
  • Provide support and expertise to ensure the confidentiality, integrity, and availability of company data and systems.
  • Mentor and guide junior team members in information security best practices.

Key Responsibilities

  • Contribute to the development of a cybersecurity-oriented culture within the global network.
  • Support the definition of information security standards, policies and procedures for both Global Executive Office and the wider Network.
  • Support the monitoring and reporting of a global Information Security Management System (ISMS) across 100 different locations to ensure compliance with the requirements of ISO27001.
  • Support the recertification process to ISO27001:2022, coordinating the migration across 100 different locations.
  • Conduct due diligence and assessments of third-party and Member Firm information security policies, standards, controls, and assurance.
  • Assess security risks and track remediation activities for the global network.
  • Provide advice and guidance on improvements and remediation actions to enhance security posture.
  • Assess and manage third-party vendor security risks with respect to the Global Executive Office.
  • Support the mentorship of the information security governance team members to foster a culture of collaboration, learning, and excellence within the team.

Skills, Knowledge, and Experience

  • Professional certifications such as CISSP, CRISC, CISM, or CISA are highly desirable.
  • Experience in information security, including hands-on technical expertise, along with a proven track record in team management and leadership.
  • Strong knowledge of information security frameworks, standards, and best practices.
  • Excellent communication and interpersonal skills.
  • Experience with information security and IT Audit, Risk, and Technology Assurance.
  • Excellent knowledge and understanding of information security risks and threats, with the ability to effectively communicate and collaborate with stakeholders to identify potential areas for improvement.
  • Proficiency in the concise communication of security concepts to a broad audience while demonstrating their relevance to business value.
  • Proficiency in engaging stakeholders at all levels, interacting with individuals from diverse backgrounds, including those from business and technical domains, both internally and externally facing.
  • Familiarity with security frameworks such as ISO27001 and the NIST Cyber Security Framework.
  • Desirable understanding of data privacy regulations, e.g. GDPR.


