Synopsis of the role
As our IT Security Analyst, this role requires a motivated self-starter. Someone who has strong analytical and problem-solving skills, a deep understanding of risk and compliance management principles, excellent communication and report-writing abilities, and knowledge of industry-specific regulations, standards, and frameworks. You are passionate about security and believe in due diligence. Responsibilities include but are not limited to:
What you’ll do
- Proactively identify and address system, network, and data to prevent cyber-attacks.
- Assess and validate security controls, while suggesting compensating controls to address vulnerabilities and control gaps.
- Collaborate with stakeholders to remediate application and infrastructure vulnerabilities.
- Conduct vulnerability penetration tests and security controls risk assessments.
- Facilitate information gathering and reporting for Internal and External Audit functions.
- Provide recommendations to the Technology Information Security Officer on the risks posture that are related to the Equifax Canada environment.
- Partner with Technology on security engagements by opening front door requests and collecting evidence for projects.
- Support evidence collection for various security compliance frameworks, including NIST, PCI-DSS, ISO 27001, and SOC assessments.
What experience you need
- Minimum 4+ years in security and 2+ years of experience with risk assessment, application security, and cloud security.
- Good understanding of technical security controls, secure coding standards, and hands-on experience with cloud such as GCP and AWS.
- Strong understanding of PKI, encryption standards, microservices architectures, Kubernetes security.
- Experience with ServiceNow, Jira, and/or other reporting platform tools including creating workflows, dashboard creation, and optimization.
- Pays attention to team needs and pivots his/her approaches accordingly to support the delivery of business value.
- Expert in ability to communicate to advanced technical teams as well as brief management on technical risks and issues.
- Exposure to audits like PCI, SOC, ISO 27001 and familiarity with common security frameworks NIST, COBIT, ITIL, ISO.
- Proactive, detail-oriented, and able to work independently and efficiently.
What could set you apart
- Passionate about Cybersecurity.
- Demonstrate passion for continuous learning.
- Bilingual (French language is an asset)
- Previous experience working in cyber security and risk management at a large company.
Primary Location
CAN-Toronto-5700 Yonge, CAN-Montreal
Function
Function - Security Governance and Compliance
Schedule
Full time #J-18808-Ljbffr
Emplois favoris
Vous devez être connecté pour pouvoir ajouter un emploi aux favoris
Connexion ou Créez un compte