Information Security Analyst with strong Auditing and compliance experience- Fulltime- Hybrid work model

Role:

The Information Security Specialist will coordinate, plan and/or organize the development and delivery of Information Security services to business units in order to maintain the integrity of vital computer applications and information systems across the corporation and to support executives and managers in fulfilling their due diligence responsibilities regarding Information Technology Security.

What you'll do

• Contribute to the development of Information Security Policy, Program and procedures for business units consistent with corporate security objectives and generally accepted and leading-edge Information Security practices and professional security standards; working collaboratively with IT Process Development Leaders and Information Security Leadership team.
• Extensive experience on IT audit and compliance framework and structure adherence to NIST, ISO, CSA etc
• Participate and coordinate in the fulfilment of regulatory compliance requirements, from the collection of evidence from various stakeholders to ensuring retention and communication of audit evidence to support audits.
• Support internal and external audit activities through information collection and participation in interviews; and collection, dis-semination and retention of audit evidence.
• Report results of Information Security assessments with conclusions, recommendations for improvement, planned management actions, follow-up status to Information Security Leadership Team.
• Support in the development and delivery of Identity and Access Management roadmap, IAM program governance including advice and consultation to key business stakeholders, to further support corporate security controls.
• Design and deliver simulated phishing campaigns and cyber security training support utilizing an online tool and ensuring configuration of the tool continues to deliver on the cyber security program and required metrics are generated for helpful insights.
• Collect performance metrics for information security and create presentations to show trends over time, focusing on areas of improvement and degrade of security controls.
• Contribute to the development of cyber security awareness training materials, general Cyber Security education including in-person presentations to staff.
• 
  
• As required, will lead/support projects, continuous improvement initiatives, perform assigned work, resolve problems and assess performance.
• Work with business units to determine data classification and ownership/custodianship.
• Ensure there are adequate security tools available for performing system reviews.

MUST HAVE

• Minimum 5 years to 10 years experience in information security audit and compliance
• Requires experience coordinating/analyzing enterprise security systems on a diverse set of computing platforms, operating systems and applications, especially Windows NT and UNIX.
• Experience with systems implementation, identity and access management program and processes, cyber security risks and controls.
• Previous experience as part of a large multi-disciplined project, and with systems vendors, which requires having sound project management skills.

Education:

• Requires a sound knowledge of computer science, information technology systems and MS Office productivity tools.
• Excellent written and oral communication skills, to work collaboratively with peers and cross functional teams, end-users, review/input on procedures, standards and/or methods; and design/deliver training materials.
• This knowledge is considered to be normally acquired either through the successful completion of a university degree in the area of Computer Science or related discipline or equivalent.

Work Model: 2-3 days hybrid work model