Information Security Analyst


Job Overview

Reporting to the Senior Manager, Infrastructure and Support, the Information Security Analyst will have responsibility for overall Information Security for our client, a Schedule 1 Bank, including internal/external networks, datacenters, end user devices and outsourced service providers.  The Information Security Analyst will work with the TechOps team and partners to identify enhancements to our current security posture and respond to changes in the overall IT security industry including best practices and emerging threats.


Core Responsibilities

Day to Day Responsibilities

• Manage external vendors who contribute to the overall security posture the Bank;

• Respond to emerging threats as required;

• Enhance and execute on activities required for the secure operation of the Bank’s infrastructure; including user access reviews; vulnerability scanning; penetration tests and patch management

• Provide expertise and recommendations in assessment of new partner IT Security practices;

• Consult and define requirements for elements of infrastructure related to IT Security at the Bank, including but not limited to Next Generation Firewalls, network design, IDS/IDP, malware and virus protection, and end-user devices


Medium and Long-Term Responsibilities

• Keep current on IT Security best practices and emerging trends through industry contacts, white; papers, and vendor reviews;

• Introduce new technologies and processes to enhance security and enable new business functionality;

Regulatory & Compliance

• OSFI cyber security self-assessment

• Vendor Information Security review, analysis and scoring

• Any issues and gaps will be addressed via the creation of a Risk Action Plan. The Risk Action Plan will be managed appropriately and tracked to completion.


• Minimum 7-10 years’ experience in Information Security with a university degree (or equivalent) in Computer Science or Engineering;

• Experience in setting up and executing processes and policies relating to Information security, preferably at a financial institution;

• Deep understanding of IT security technologies, including firewalls, end-user devices and activities, network architecture and SIEM capabilities;

• Experience in OSFI guidelines and reporting;

Required Competencies

• Ability to work across all levels and departments in the execution of responsibilities;

• Comfort in presenting to senior management, influencing teams in a matrixed organization and dealing in both detailed and summary levels of engagement;

• Previous experience working in small to medium Financial Institution, particularly in mortgages or online retail bank environments;

• Working in a regulated environment with multiple oversight frameworks provided by different regulators;

• Strong work ethic and tendency to take initiative;

• Excellent interpersonal communication skills;

• Willingness to work in non-conventional hours;

• Task oriented, quick learner that can work independently but is a team player;

© 2021 DevTalent Inc. 

  • LinkedIn
  • Instagram
  • YouTube
  • Facebook