IT Security Analyst
Location Address: Remote for now, will return later in the year to a Downtown Toronto Office
Contract Duration: 6 Months
Extension: Possible
FTE: Possible
Number of Positions: 1
Schedule Hours: Mon-Fri 8-4:30
Story Behind the Need: Back filling for an ongoing project
Business group: Cloud Based Info Systems
Project: Working to implement Cloud Based Securities procedures with Scotia Digital
Candidate Value Proposition- Working with cutting edge technology on a large project with one of North America’s largest banks.
The successful candidate will have the opportunity to:
to plan, coordinate, and implement security measures for information systems to regulate access to computer data files and prevent unauthorized modification, destruction or disclosure of information. A typical IT Security Analyst is responsible for planning, coordinating and implementing security measures to safeguard the computer database.
Typical Day in Role:
• Working with leading information security risk assessments and advise on risk mitigations for complex projects delivering innovative financial solutions.
• Working experience in risk assessment, creating Threat Risk Assessment (TRA) reports and data classification, and have worked with Penetration testing reports.
• Reviewing Architecture and Solution Design documentation and can identify and assess potential risks.
• Working with security architecture principles in multiple security domains (cloud security, application security, data protection, network security, Identity and Access Management, security engineering, security governance).
• Conducting research on the latest security technologies and standards, and learning about the threat and vulnerability landscape.
• Implementing security controls to protect new cloud technologies
• Collaborating with multiple stakeholders and are comfortable working in a fast-paced environment, managing multiple projects in an agile way.
Candidate Requirements/Must Have Skills:
• 4 years of experience in security architecture, software development, and/or hands-on experience with implementations of cloud environments, security controls and cloud-based solutions.
• Solid knowledge of cloud technologies and services (GCP, Kubernetes and IAM, CI/CD pipelines, infrastructure as a code).
• 5 years of experience conducting Threat Risk Assessments of complex, mission critical applications and confidential data assets.
• Familiar with industry standards and frameworks e.g. NIST 800-53, ISO 27001, ISO27002, ISO 27017, ISO27018, PCI DSS.
• Advanced communication (verbal/written/presentation) skills in English
Nice-To-Have Skills:
• Industry recognized security certification(s) (CISSP, CISM, CCSP, CRISC) is an asset.
• Certifications from major cloud providers is nice to have (Google, Microsoft or AWS).
• Knowledge of Spanish is nice to have
Soft Skills:
– Experienced working in a collaborative team environment
– Strong interpersonal skills
– High attention to detail
Best vs Average: The Best vs Average candidate would have experience in both Security Assessment and Cloud Experience.
Degrees or certifications:
• Minimum Bachelor’s degree in Computer Science or in a related field.
• Certification in GCP
Candidate Review & Selection – One Round (Video Conference)