IT Security Analyst

JOB DESCRIPTION

Location: Hybrid | Scarborough

Duration: 6 months

Our client, a leading financial institution in Downtown Toronto, is looking for an IT Security Analyst to provide strategic guidance and technical expertise to business lines, IT support functions, and IS&C Control functions to include security within the early stages of the design of the Bank´s technological solutions. The successful candidate will have the opportunity to work with one of the Top 5 Banks in Canada.

Typical Day in role:

Reporting to the Senior Manager of Security Advisory (US Advisory), the Information Security Advisor provides guidance to business lines to ensure design, development and implementation of complex projects and initiatives are in accordance with the Bank’s Information Security Standards and in compliance with industry regulations. In this role, you will be supporting various business lines while assisting them in making informed decisions to protect information assets deployed in various environments.

  • Providing the following functions to bank’s Initiatives:
  • Conducting Threat Risk Assessments and performing security advisory work on specific applications and infrastructure associated with bank’s LATAM subsidiaries and other Initiatives ensuring that controls are adequate, meet Bank standards, and enable business objectives. 
  • Conducting Risk Management activities.
  • Provide Quality Assurance on Threat Risk Assessments and Threat Modelling as required for Cloud initiatives. Provide strategic guidance and technical expertise on security solutions and recommend best practices.
  • Collaborate with cross-functional teams to design and implement robust security architectures for various systems, applications, and networks.
  • Evaluate existing security solutions and propose enhancements or new designs to address emerging threats and business requirements.
  • Ensure alignment with industry best practices, compliance standards, and organizational security policies.
  • Identify security weaknesses, vulnerabilities, and gaps in existing systems and recommend remediation strategies.
  • Provide support on how to apply the Bank’s portfolio of standards to the technology footprint of bank’s subsidiaries.
  • Provide oversight over the specific line of business security posture, ensuring that all tools available to detect and remediate security risks have been applied.
  • Conduct industry reviews and benchmarking exercises to ensure our controls are aligned with our peers, emerging threats, and available mitigation strategies.
  • Working directly with technical leads from assigned Lines of Businesses supporting their initiatives from an Information Security perspective.
  • Providing relationship management function primarily to LATAM subsidiaries from an Information Security perspective.

Must-Have Skills:

  • 5+ years of hands-on technical working experience in performing security assessments on various platforms, network infrastructure and complex applications.
  • 3+ years of Experience with Threat Risk Assessments of applications hosted on premise, cloud, hybrid cloud and SaaS.
  • 5+ years of experience in security solution architecture, software development, and/or hands-on experience with implementations to various environments, knowledge of application security controls, including compensating controls and cloud-based security solutions
  • Deep understanding of DLP tooling and controls including enhanced monitoring and authentication standards.
  • Bilingual in Spanish

Nice-To-Have Skills:

  • Prior experience using ServiceNow platform
  • You have solid knowledge of cloud technologies and cloud security (GCP or Azure or AWS)
  • Security engineering, security architecture, and/or security risk based certifications (CISSP, CISM, CCSP, CRISC)
  • Familiar with industry standards and frameworks e.g., NIST 800-53, ISO 27001, ISO27002, ISO 27017, ISO27018, PCI DSS, CIS.

Soft Skills Required:

  • You are a strong communicator and capable of creating clear documentation and communicating ideas to others
  • You possess advanced communication (verbal/written/presentation) skills in English.

Education:

  • Post-secondary education in Computer Science or in a related field.

Finance professional is committed to creating an inclusive environment where all team members and clients feel like they belong. We seek applicants with a wide range of abilities and we provide an accessible candidate experience. We advocate for you and welcome anyone regardless of race, color, religion, national origin, sex, physical or mental disability, or age.