Information Security Analyst, Toronto

This is a 12 month contract position.  

The Information Security Analyst will implement the information security program initiatives, administer information security systems, and assist with monitoring information security policy compliance. The Analyst will be developing the information security maturity of the organization as well as performing operational activities on implemented information security controls to ensure information security policies are being followed. The role will be responsible for various activities to build information security including developing appropriate documentation,

building awareness, implementing technologies, and identifying information security weaknesses with the objective of protecting of OANDA information assets.

Responsibilities (Technical/Non Technical):

  • Work with the Information Security team, businesses, vendors, and IT teams to ensure that corporate policies and procedures are being understood and followed
  • Establish processes, procedures, guidelines, best practices and technical standards to meet corporate policies and industry best practices
  • Evolve corporate security policies and procedures to stay aligned with the security industry best practices
  • Develop and improve internal processes to manage information security corporate wide
  • Lead initiatives related to the remediation of security weaknesses or information security solution implementation
  • Perform access audits for various systems across the organization
  • Review security reports to identify violations, intrusion attempts, or security weaknesses
  • Monitor the security industry and be proactive with implementing appropriate information protection controls to mitigate risks on the latest types of vulnerabilities
  • Conduct security product research and assess their appropriateness for the organization
  • Produce report and presentation deliverables with attention on content as well as format
  • Perform security incident investigations and document findings/root causes
  • Work with Compliance to align security requirements

Qualifications (Required/Highly Beneficial/Beneficial):

  • Post-secondary degree or equivalent education in computer science, computer engineering, or similar studies
  • Previous experience of 2-4 years specifically in the information security industry
  • Working knowledge of industry security standards such as SOC2, ISO27001/ISO27002, NIST, etc.
  • Demonstrated experience working with security technologies
  • Demonstrated experience with implementing internal processes to manage information security initiatives
  • Experience with compliance and regulations in the financial industry
  • Experience writing security policies, guidelines and processes

Interpersonal Skills:

  • High attention to details and accuracy
  • Results driven
  • Self-motivated and able to work unsupervised
  • Strong written and oral communication skills
  • Strong analytical and problem-solving abilities with keen attention to detail
  • Experience working in a team-oriented, collaborative environment
  • Strong aptitude for learning

Apply Now!