Location Address: Toronto
Contract Duration: 7 months 12/6/2021 to 05/31/2022
Story Behind the Need:
• Business group: The Information Security Analyst will be responsible for application onboarding to the Logical Access Management Platform (LAM). Part of a global team with a mandate covering all the Bank’s Authentication/Authorization technologies, with the goal of creating the best Identity and Access Management practice in the Canadian financial industry. Involvement in many key projects and initiatives to further build the Bank’s IAM capabilities.
• Project: The candidate will be responsible for taking care of the technical aspect of application onboarding while also doing some business analysis and addressing logical access risks commensurate with the Bank’s risk appetite. You will have the opportunity to be part of a dynamic team that will impact the larger work environment of the bank while being exposed to various tools and programs. The candidate must have hands on application onboarding experience with Sailpoint. QAT testing experience and gathering requirements from applications to onboard applications is also a requirement.
Candidate Value Proposition:
• The candidate will have the opportunity to be involved in many key projects and initiatives to further build the Bank’s IAM capabilities. This individual will be collaborating with a strong senior leadership team of IAM and security professionals and gain exposure to industry-leading IAM platforms, with the ability to influence and drive their usage and adoption at bank
Typical Day in Role:
• Interview business/application stakeholders to guide them to build access control matrices for applications
• Support the business to understand their responsibilities with respect to logical access controls
• Manage and/or conducting detailed, risk-based evaluations of the design and operating effectiveness of Information Technology (IT) controls
• Perform required tasks for the Access Governance function and troubleshoot system/non-system issues; tasks/issues relevant to Identity & Access Governance including access request, access certification, communication, and documentation of operational processes and procedures.
• Execute test plans, scenarios, scripts or procedures
• Plan test schedules or strategies in accordance with project scope or delivery dates
• Create and/or update requirements documentation
• Work directly with IT application owners to learn about applications, gather requirements and details
• Work with applications owners to put together file feeds and access control matrix or documentation to ensure that the proper logical access controls are implemented to meet the CISO directive standards
• The candidate will be working mainly with business stakeholders and clients who reside in Asia Pacific.
Candidate Requirements/Must Have Skills:
• Information Security Analyst or related cybersecurity background – 3+ years of hands-on experience
• Recent project experience assessing application configuration and user authentication –2 recent projects where this experience was displayed
• Recent project experience reviewing the application architecture as well as gathering rules, responsibilities, and permissions – 2 recent projects where this experience was displayed
• Proficiency in MS Office (extended knowledge in MS Excel preferred) – 3+ years
• QAT testing experience and gathering requirements from applications to onboard applications to Sailpoint IIQ is a requirement.
• The candidate may be expected to work late or early to accommodate offshore working hours.
• Ability to identify what requirements need to be onboarded to SailPoint (2+years’ experience) to prevent any exposure to risk for the bank – 2 recent projects where this experience was displayed
• Recent relevant Financial Industry Experience
• Experience in project management is preferred
• Excellent communications skills to coordinate with high-ranking individuals internally (Director, VP level and up), as well as C-Suite of some of the third party vendors
• Ability to manage assigned tasks and expectations without direct instruction or oversight
• Fast, adaptable learner who can hit the ground running
• Ability to work well under pressure while demonstrating strong professionalism
• Must be able to collaborate closely with a team at times, while also being capable of holding themselves accountable to meet individual deadlines without hand holding
Best vs Average: Best would have onboarded the applications mentioned within another financial institution.
Degrees or certifications:
• University degree or college diploma in a related field is preferred
• CISSP designation or equivalent (nice to have) would be an asset
• Sailpoint – Identity IQ experience (nice to have) would be an asset