Information Security Analyst Advisory Jobs in Montréal, Quebec

Excellent time management, task planning, and prioritization skills.

Strong proactive project management skills.

Working with clients to Implement Information Security Risk Management programs.

Bachelor’s degree in any subject area or equivalent experience.

Information Security certifications such as CISM, CISSP, CRISC, CDPSE, GRCP are considered an asset but not required.

Minimum 1 year of leading and implementing information security programs experience.

Experience in developing enterprise dashboard and creating reports to the proper level of management (operational, tactical & strategic)

Experience with compliance programs as well as their technical and security requirements

Manage remediation efforts and track completion status of deficiencies.

Five years of experience working within the technical arena, with 2 or more years of information security work experience

Extensive knowledge of security technology and risk assessment methodologies, policies and processes

Excellent analytical, evaluative, problem-solving and innovation abilities to ensure effective mitigation measures and risk treatment are in place

Knowledge of information security risks in supply chain management.

Knowledge of information security and risk frameworks such as ISO27001, NIST 800-53 and COBIT.

Good ability to build relationships and manage information flows

Professional Information Security qualifications such as CISA or SSCP

Knowledge of auditing frameworks such as ISAE3402 and SOC2

Communicate security risks and issues to FNZ business areas

Post-secondary education in a related field such as Business, Engineering, IT, Healthcare or related field, or equivalent experience.

Collaborate with the Client Services department to review privacy and security requirements in product and implementations.

Define Security baselines and work with Security Operations to implement report and alerting requirements.

Perform security and access reviews for our managed services customer on an as needed basis.

Create and maintain policies, procedures, standards, and processes as needed for our managed services customer.

Manage vendor assessments including questionnaires and RFPs as they relate to existing and prospective clients, vendors, and suppliers.

Endpoint Protection (Anti-virus/Anti-Malware), Privilege Access Management, Data Loss Prevention solutions.

Extensive working knowledge of information security and vulnerabilities/threats, security best practices, tools, and techniques, including encryption

Excellent analytical skills, ability to manage multiple projects under strict timelines, as well as the

College diploma or University degree in the field of computer science and relevant work experience as an Information Security Analyst

Experience in public cloud information security, such as AWS, or Azure Associate of (ISC)2 is required

Certifications desired are: CISSP, Security+, CompTIA Security are all assets

Contract management, disputes and/or asset management.

Associate: 4+ years of relevant work experience in an infrastructure related field; with relevant experiences across one or more of:

Financial analysis and modeling, and/or consideration of economic costs and benefits

Strong analytical skills and capability to provide quality deliverables with an attention to detail

Strong interpersonal and presentation skills for a range of audiences

Working knowledge of accounting concepts and principles (CPA not required)

Provide technical, hands-on incident investigation and support and serve as a primary point of contact with management.

Ability to leverage multiple forms of communication to articulate complex concepts to both technical and non-technical staff, including senior management.

Evaluates projects to ensure proper security requirements and work actively with stakeholders on corporate-wide information security project planning and documentation

Manage operational activities for security operations team.

In-depth knowledge of security monitoring and incident response.

Experience in performing digital forensics in various OS.

Develops and updates information systems security documentation. Ensures that Authority to Operate (ATO) are obtained in a timely manner.

Works closely with Security Operations to provide assistance with tool configuration and operation

Prepares documentation from information obtained from customers using accepted guidelines such as RMF.

Assists with development and implementation of system security plans and contingency plans.

Completes documentation in support of project / sponsor activities (e.g., checklists, questionnaires, et

Strong experience in implementing Information Security Management System based on ISO 27001;

Lead Information Security Governance & Risk Management processes and tools;

Define policies, standards, and processes to ensure secure data management and drive the implementation of security measures;

Manage information security vendor assessments, security attestations, re-certifications, audits, risk assessments, security testing;

Plan and implement identity and access management/governance;

8+ years of experience supporting Information Security governance, risk & compliance programs to meet regulatory or compliance requirements;

Solid understanding of risk management, cyberstrategy and other general security concepts

Permanent management position / Quebec City/Montreal / Hybrid

Direct a team of highly competent and motivated information security service advisors by drawing from your wide multidisciplinary experience

The excellent communication and interpersonal skills necessary to develop high-performance teams and to constantly improve overall security

Flexible working hours and remote work (35 hours/week)

Supervise and be a resource for all activities regarding information security advisory services throughout the organization

Develop and maintain metrics on DLP alert volume, severity, and resolution time, and report regularly on these metrics to management.

Completion of Post-Secondary education in Cyber Security, Information Technology, or a related field.

At least 2 years of experience in cyber security, or a related field, with a focus on DLP alerts.

Experience with DLP tools including cloud DLP.

Strong technical skills in data analysis.

Strong analytical and problem-solving skills, including the ability to identify and prioritize DLP alerts based on risk and impact.

Strong time management skills and ability to cope with changing priorities and strict deadlines.

Strong technical accounting skills and knowledge of Generally Accepted Accounting Principles (GAAP);

2 to 3 weeks paid vacation, according to experience

Executing financial due diligence mandates which include the preparation of data books, assessing the quality of earnings and working capital requirements;

3+ years of public accounting experience;

Experience in due diligence, an asset;

Working knowledge of industry reports, certifications (ISO, SOC, etc.), and ability to interpret standards, policies, and supporting materials.

Job Location: We have requirements in Toronto, ON / London, ON / Winnipeg, MB; locations.

Remote-Work Options: Fully remote – unless attending in-office meetings.

Experience in third-party risk assessments and methodologies.

Experience with security and privacy risk assessments and audit processes.

Excellent knowledge of security technologies and tools.

Excellent communication and collaboration skills.

University degree/college diploma in related discipline(s) or equivalent work experience, and/or 3+ years in security IT industry experience

Strong knowledge of cloud computing platforms, such as AWS, Azure, or Google Cloud, and their security features

Work experience in Financial Industry preferred

Ensure the Cyber Security capabilities and protection mechanisms are running well.

Provide technical skills as Subject Matter Expert in various security technologies

Security policy and process management

Excellent knowledge and experience with risk assessment, threat detection, SIEM, SAAS security, endpoint protection, and malware analysis

Knowledge and experience with AWS or GCP

Bachelor's degree, preferably in a technology related field, or equivalent work experience.

Minimum 3 years of IT security experience

Security certification (CISSP, CISM, or similar)

0-1 years of Investment Banking experience

Relevant work or internship experience

Excellent grasp of corporate finance, valuation, and financial accounting

Superior analytical skills and demonstrated excellence in academic coursework

Strong interpersonal skills, including ability to work well in teams and articulate ideas

Strong communications skills, both written and oral

Demonstrate specialized expertise and knowledge in the assigned field

• Experience with creating and implementing Cybersecurity Awareness Training programs

• Experience with Phishing protection and simulations tools

• Knowledge of relevant Enterprise Security Solutions

• Effective verbal, written, presentation and interpersonal communication skills

• Requires sound knowledge of Information Technology security principles, practices, technologies, programs and procedures.

You’re digitally savvy. You seek out innovative solutions and embrace evolving technologies. You can easily adapt to new tools and trends.

You’re a certified professional. It’s an asset if you have your CISSP, CIA, or CISM designation.

Values matter to you. You bring your real self to work and you live our values - trust, teamwork, and accountability.

What You Need To Know

Understanding of lifecycle data management (collection, use, transmission, disclosure, and retention of personal and/or confidential business information)

Knowledge of e-learning applications and methodologies, student information systems and corporate applications (finance, payroll, etc…) while not required, is highly desirable.

CISSP, or related security or IT certifications and/or courses are an asset

Highly developed written and verbal communication skills, as well as analytical and problem-solving skills

Actively ensure appropriate administrative, physical and technical safeguards are in place to protect member’s information assets from internal threats

Provide training to School Board IT staff on data and information security

Experience interpreting and consulting around meeting the requirements of the Information Security Policies and Standards for a large organization

Bachelor’s degree from an accredited college or university or equivalent experience

Holds at least one information security certification or actively working towards at least one security certification (e.g. CISSP, CISM, CASP+))

Strong working knowledge of threat risk assessment methodologies NIST, ISO, IRAM2, etc.

Excellent communicator including demonstrated presentation and negotiation skills

Experience with security solutions for multi-tier cloud-based applications (Microsoft Azure, GCP, AWS, etc.)

Strong organizational and time management skills to handle multiple tasks and prioritize effectively.

Provide daily support for account management and assist in the regular operations of the client's business.

Atleast2 years of experience in government, government relations, or communications.

Knowledge of the Canadian Parliament, federal policy, and legislative affairs highly desired.

Client and interpersonal skills, proficient at effectively conveying information through various communication channels such as phone, email, and face-to-face interactions.

Strong writing and editing skills to ensure clarity, persuasion, and polish for content, documents, and other written materials.