Security Governance Analyst Jobs

5+ years of experience working with applicable information security management, governance, and compliance principles, practices, laws, rules, and regulations

Demonstrated project management, organizational, and facilitation skills.

5+ years of experience in Information systems auditing, monitoring, controlling, and assessment process

CISSP, CISM, CISA, ITIL, or GIAC certifications desired.

Map and maintain common controls framework and control scope/applicability for a portfolio of compliance initiatives and information security policies.

Provides dashboards and reports based on regular assessments and testing of the effectiveness and efficiency of controls.

5-7 years in an Information Security role, preferably with experience in Information security risk management and security control governance.

Conduct annual security risk policy and directive review/refresh activities and present changes to management.

Collaborate with peers in Security Risk and Crisis Management for continuous improvement to the companys security posture.

Hourly salary of $70.42 to $80.00, based on experience.

Knowledge of Information Security principles, protocols, practices, and industry standards.

Sound knowledge of technologies related to Information Security, including encryption, firewalls, intrusion detection/prevention, anti-virus, DDoS, behavioral analysis/advanced malware detection.

Provide ongoing support for Data Governance capabilities such as metadata management, data quality and data stewardship/reporting.

Demonstrated knowledge of the data lifecycle, including experience with data modeling, metadata, and data quality.

A flexible/hybrid work environment combining in office collaboration and remote working

Programming experience in several of the following technologies: SQL, JavaScript, HTML, Python, AWS Glue, AWS S3, AWS EMR

Experience working with Tableau and Quicksight.

Experience working with AWS and / or Microsoft Azure.

Understanding requirements for records management, retention, FOI requests and recommend solution(s) for achieving desired outcomes using SharePoint and Purview.

Experience in creating security & governance frameworks for Enterprise Content Management platforms on SharePoint.

Experience in deployment and management of Microsoft Purview in an enterprise environment.

Experience in setting up Data lifecycle Management and Records management policies and governance on SharePoint.

Strong understanding of enterprise content management principles, regulatory requirements, data privacy standards, and data governance best practices.

Create policies for Records management, security, access control, and change control for content management.

Excellent organizational skills and the ability to manage multiple intake channels efficiently.

Run the monitoring & reporting function that defines and KPIs/KRIs, monitors compliance and manages exceptions

Strong analytical skills, specifically data analysis.

5+ years of IAM experience.

Experience building and leading a high performing team and establishing strong working relationships with business partners.

Enjoy working in a positive environment with highly motivated individuals that want to reduce the risks within the bank.

Role :- Cloud Governance and Security

Exp in handling security audits

Creating Governance, Security and Compliance

Exp in tools used to monitor cloud violations

You have a strong understanding of controls frameworks and risk management practices

You will be a key subject matter expert on sales compliance requirements

You obsess about customers, listen, engage and act for their benefit.

You are meticulously organized and can develop and implement systems to manage large amounts of data and details.

You have an approachable style and great communication skills that makes people want to work with you.

You successfully manage competing priorities like a champion.

Project management and interpersonal skills to coordinate complex projects to meet approved timelines

Advanced knowledge and experience with agile methodology and principles in the IT environment

Technical certifications such as CISSP, CCSP, CISA or CISM are an asset

Experience with cloud services (Software-as-a-Service, Platform-as-a-Service)

Reviewing and implementing data backup, restoration, and retention policies and procedures; monitoring performance of backup recovery systems through periodic testing

Supports the Metrolinx Payment Card Industry (PCI) program by completing tasks as required (i.e. data compilation and reporting)

Prepare security risk assessments and management strategies to inform decision-making for key projects which impact information security.

Collaborate with information technology and vendor management groups to develop processes for identifying and managing third-party cybersecurity risks.

Contribute to the organizational cybersecurity awareness program, presenting to stakeholders, end users, and management audiences.

Experience With SOX / C-SOX Regulatory Requirements.

Precision has a competitive vacation and PTO offering including afternoons off before a long weekend.

Interface with operations, sales, and legal teams, to address any IT security compliance-related requirements brought forward internally or by our customers.

Familiarity with vulnerability management programs, security architecture reviews, technical and physical security assessments

Identify control deficiencies and maintain records of deficiency details including management response documentation and exposure check evidence

LOCATION: Remote - Canada only (TimeZone: EST | Partial overlap)

Experience developing security analysis documentation and recommended remediation actions

General knowledge of network topologies, security architectures, security solutions, tools, and IT Policies and standards

Experience with interfacing and presenting to C-level executives

Familiarity with vulnerability management programs, security architecture reviews, technical and physical security assessments

Identify control deficiencies and maintain records of deficiency details including management response documentation and exposure check evidence

LOCATION: Remote - Canada only (TimeZone: EST | Partial overlap)

Experience developing security analysis documentation and recommended remediation actions

General knowledge of network topologies, security architectures, security solutions, tools, and IT Policies and standards

Experience with interfacing and presenting to C-level executives

Familiarity with vulnerability management programs, security architecture reviews, technical and physical security assessments

Identify control deficiencies and maintain records of deficiency details including management response documentation and exposure check evidence

LOCATION: Remote - Canada only (TimeZone: EST | Partial overlap)

Experience developing security analysis documentation and recommended remediation actions

General knowledge of network topologies, security architectures, security solutions, tools, and IT Policies and standards

Experience with interfacing and presenting to C-level executives

Familiarity with vulnerability management programs, security architecture reviews, technical and physical security assessments

Identify control deficiencies and maintain records of deficiency details including management response documentation and exposure check evidence

LOCATION: Remote - Canada only (TimeZone: EST | Partial overlap)

Experience developing security analysis documentation and recommended remediation actions

General knowledge of network topologies, security architectures, security solutions, tools, and IT Policies and standards

Experience with interfacing and presenting to C-level executives

Familiarity with vulnerability management programs, security architecture reviews, technical and physical security assessments

Identify control deficiencies and maintain records of deficiency details including management response documentation and exposure check evidence

LOCATION: Remote - Canada only (TimeZone: EST | Partial overlap)

Experience developing security analysis documentation and recommended remediation actions

General knowledge of network topologies, security architectures, security solutions, tools, and IT Policies and standards

Experience with interfacing and presenting to C-level executives

Familiarity with vulnerability management programs, security architecture reviews, technical and physical security assessments

Identify control deficiencies and maintain records of deficiency details including management response documentation and exposure check evidence

LOCATION: Remote - Canada only (TimeZone: EST | Partial overlap)

Experience developing security analysis documentation and recommended remediation actions

General knowledge of network topologies, security architectures, security solutions, tools, and IT Policies and standards

Experience with interfacing and presenting to C-level executives

• 10+ years overall experience

• Manage and respond to Internal and external Auditors

• Manage system access review

• Manage Infra Disaster Recovery and backup and maintain documentation

• Manage Infra Cyber Incident Recovery and maintain documentation

I'm #hiring. Know anyone who might be interested?

Collaborate with stakeholders across the organization to ensure that information security and compliance requirements are integrated into business processes

Assist with performing security risk assessments and following up to ensure that identified security requirements have been implemented prior to go-live

Stay current with regulatory requirements and industry best practices related to information security and compliance

Bachelor's degree in computer science, information security, or minimum 1 year related work experience

Strong analytical and problem-solving skills

Excellent communication and interpersonal skills

Program and project management skills.

Risks, issues and change management, escalate effectively.

5 to 7 years of work experience in the field of accounting and / or in the financial services industry.

University Degree in Finance related subject preferred.

Experience with Foreign Banking Organization.

Regulatory and Financial Reporting experience required.

A minimum of three (3) years of relevant work experience in an information security or information risk management capacity;

Excellent project coordination, time management skills and ability to deliver to strict timelines;

Knowledge of, or experience with, the Information Technology Infrastructure Library (ITIL); framework is required, and ITIL foundation certification;

Produces periodic reports, key risk indicator, and key performance indicator dashboards for management;

Based on qualifications and experience: $76,501 and $95,626.

Experience applying security frameworks such as ISO2700x, NIST, PIPEDA, or CIS, and the application of controls to real-world environments;

Experience with end-to-end identity & access management solutions in a complex environment

Knowledge and understanding of Identity Governance and Administration (IGA) and Privileged Account Management (PAM)

Demonstrated multi-tasking and time-management skills

Manage the information gathering, analysis and development of technical and non-technical requirements to be met by new cyber security solutions

Document solution business requirements and participate in technical designs

Bachelor's degree in a related field or equivalent experience