Synopsis of the role
As our IT Security Analyst, this role requires a motivated self-starter. Someone who has strong analytical and problem-solving skills, a deep understanding of risk and compliance management principles, excellent communication and report-writing abilities, and knowledge of industry-specific regulations, standards, and frameworks. You are passionate about security and believe in due diligence. Responsibilities include but are not limited to:
What You’ll Do
- Proactively identify and address system, network, and data to prevent cyber-attacks.
- Assess and validate security controls, while suggesting compensating controls to address vulnerabilities and control gaps.
- Collaborate with stakeholders to remediate application and infrastructure vulnerabilities.
- Conduct vulnerability and security controls risk assessments.
- Facilitate information gathering and reporting for Internal and External Audit functions.
- Providing recommendations to the Technology Information Security Officer on the risks posture that are related to the Equifax Canada environment.
- Partnering with Technology on security engagements by opening front door requests and collecting evidence for projects.
- Support evidence collection for various security compliance frameworks, including NIST, PCI-DSS, ISO 27001, and SOC assessments.
What Experience You Need
- Minimum 4+ years in security and 2+ years of experience with the Risk assessment, application security and cloud security.
- Good understanding of technical security controls, secure coding standards and Hands-on experience with cloud such as GCP and AWS.
- Strong understanding of PKI, encryption standards, Microservices architectures, Kubernetes security.
- Experience with ServiceNow, Jira, and/or other reporting platform tools including creating workflows, dashboard creation, and optimization.
- Pays attention to team needs and pivots his/ her approaches accordingly to support the delivery of business value.
- Expert in ability to communicate to advanced Technical teams as well as brief management on technical risks and issues
- Exposure to audits like PCI, SOC, ISO 27001 and familiarity with common security frameworks NIST, COBIT, ITIL, ISO
- Proactive, detail oriented and able to work independently and efficiently
What Could Set You Apart
- Passionate about Cybersecurity.
- Bilingual ( french language is an asset)
- Previous experience working in cyber security and risk management at a large company