IT Security Analyst - Identifying and analyzing unvaulted privileged access across servers and environments - 100850-1

Position Title: It Security Analyst

Duration: 9 months

Start/End Dates: 4/6/2026 - 1/5/2027

Remote/Hybrid: Hybrid - Every Tuesday and every second Friday

Office Location: 81 Bay Street

Interview - 1 round - in person

Line of Business:

Privileged Identity & Access Services (PIAS) / Information Security

The PIAS team sits within the Cyber organization and owns enterprise Privileged Access Management (PAM) and broader Identity & Access Management (IAM) capabilities. The team acts as the technical business arm of IAM bridging security tooling, infrastructure teams, and business account owners.

Key responsibilities of the LOB include:

• Owning privileged access across servers and environments (including DMZ and non DMZ)

• Ensuring privileged accounts are properly vaulted, governed, and compliant

• Driving IAM/PAM process improvements across multiple portfolios

• Partnering with application, infrastructure, and business teams to remediate access gaps and onboard privileged accounts to standard solutions

Job Description:

The IT Security Analyst (L7) will function as a technical Business Analyst and PAM subject matter partner for Privileged Identity & Access initiatives. The role requires deep understanding of privileged access concepts, the ability to engage business and technical stakeholders, and the skills to drive onboarding, remediation, documentation, and process improvements.

This individual will assess current privileged access usage, work with account owners to define secure access requirements, and coordinate onboarding into standardized PAM solutions (primarily CyberArk). The role also contributes to broader IAM/PAM process maturity.

This role will support a Privileged Access Management remediation and onboarding initiative.

Key project activities include:

• Identifying and analyzing unvaulted privileged access across servers and environments (including behind DMZs)

• Engaging account and application owners to understand how access is used, why it is required, and what risks exist

• Translating business and technical needs into vaulted account requirements

• Coordinating with multiple technology teams involved in:

Provisioning

Validation

PAM onboarding

• Supporting onboarding of human privileged access (CyberArk) and limited non human access (HashiCorp Vault - exposure may be minimal but possible)

• Producing technical and procedural documentation

• Driving process enhancements and improvements across PAM portfolios that may extend beyond this single initiative

This is a hands on, coordination heavy role requiring both technical PAM knowledge and strong business analysis capability.

Must Have Requirement:

8-10+ years of experience across IT, Security, or IAM/PAM roles

Strong experience acting as a technical Business Analyst

Direct experience with Privileged Access Management concepts

Hands on experience or strong working knowledge of CyberArk

Ability to analyze existing access, assess risk, and translate needs into requirements

Experience coordinating across multiple technology and business teams

Strong documentation skills (technical + procedural)

Nice to Have:

Experience with HashiCorp Vault (especially non human privileged access)

IAM/PAM experience in a financial institution or regulated environment

Security certifications (CISSP, CISM, CRISC, CCSP - asset)

Soft Skills:

Strong stakeholder engagement and communication skills

Ability to run effective meetings, coordinate contributors, and capture actions

Comfortable working with ambiguity and incomplete information

Strong written communication and documentation capability