Senior Information Security Analyst

CLOSING DATE:

July 30, 2025

Opportunity

As a Senior Information Security Analyst, you will be entrusted with safeguarding AIMCo's digital assets. Your expertise and skills will be pivotal in maintaining the highest levels of security and integrity, ensuring the protection of sensitive information and preventing unauthorized access.

In this role, you will lead the development, implementation, and maintenance of our Identity and Access Management (IAM) systems and processes. You will collaborate with cross-functional teams, including applications, IT, cybersecurity, and compliance, to ensure AIMCo adheres to industry standards and best practices.

Your impact will extend beyond IAM. You will contribute to other Information Security programs, such as Security Awareness and Training, 3rd party Risk Management, and Insider Threat/Risk Management. By actively participating in these initiatives, you will help shape AIMCo's overall security strategy and protect against emerging threats.

Interested applicants are invited to apply for the role of Senior Information Security Analyst and join the team dedicated to pushing boundaries and ensuring the utmost protection of sensitive information. Your expertise will make a difference in shaping the future of our organization's security landscape.

NOTE: This role will close at 11:59MST on July 29, 2025. This position is open to candidates who are willing to relocate to Alberta, and we encourage all interested individuals to apply.

Responsibilities:

• Proficiency to develop, implement, and maintain Identity Governance and Administration tools and systems, including user provisioning, authentication, authorization, and access controls.

• Configure and customize IAM solutions to meet the organization's security requirements.

• Proficiency with programming and scripting languages such as Java, JavaScript, PowerShell, or similar.

• Collaborate with IT teams to integrate IAM systems with existing infrastructure, applications, and databases.

• Drive continuous improvement initiatives, identify opportunities for improvement, and implement processes that enhance operational efficiency for identity access management.

• Manage user identities throughout their lifecycle, including onboarding, role changes, and offboarding.

• Maintain accurate user profiles, roles, and permissions in IAM systems.

• Monitor access controls to ensure adherence to security policies and compliance requirements.

• Conduct periodic access reviews to ensure adherence to security policies and compliance requirements.

• Develop and enforce access control policies and procedures based on industry best practices and regulatory requirements.

• Collaborate with stakeholders to define and document access control standards and guidelines.

• Collaborate with the cyber security team to develop and implement remediation plans for identified vulnerabilities or security breaches relating to IAM.

• Ensure compliance with relevant regulations, standards, and frameworks (e.g., SOC, GDPR, ISO 27001/2, NIST)

• Support internal and external audits by providing necessary documentation, reports, and evidence of controls and processes.

• Maintain accurate documentation of processes, procedures, and system configurations.

• Generate reports and metrics related to defined activities, including access requests, user provisioning, and access reviews.

• Assist with the information security awareness and training programs for employees, contractors, and third-party vendors.

• Experience with the developing and maintaining programs such as Insider Risk/Threat and Third-Party Cyber Risk management

Our Ideal Candidate Qualifications:

• Bachelor's degree in Computer Science, Information Systems, or a related discipline

• 10+ years of working experience in the information security or cyber security domain

• Experience with managing Identity and Access Management in financial systems

• Completion of or working towards information security certificates (ie. CISSP, SSCP, GIAC, Security+, or IAM certifications) is advantageous.

• Strong understanding of Identity and Access Management principles, concepts, and best practices.

• Experience with IAM tools and technologies, such as, AAD, Active Directory, LDAP, Single Sign-On (SSO), Multi-Factor Authentication (MFA), Privileged Access Management (PAM) etc.

• Proficiency with programming and scripting languages such as Java, JavaScript, PowerShell, or similar.

• Knowledge of security concepts, protocols, processes, architectures, and tools (authentication and access control technologies, intrusion detection, network traffic analysis, SIEM technology, incident handling, security analysis tools for user behavior and insider risk, etc.)

• Familiarity with regulatory requirements and frameworks, such as GDPR, SOC, NIST, and ISO 27001/02.

• Security Awareness Training administration and provisioning

• Experience with 3rd party risk management

• Knowledge and understanding of security incident response and investigation processes.

• Excellent analytical, problem-solving, and communication skills.

• Ability to work collaboratively in cross-functional teams and manage multiple priorities.

• Researches and evaluates new information security technologies.

• Maintains awareness of trends in information security, including investment and financial regulations

• Proficient technical, analytical, and problem-solving skills

• Ability to interact and build strong relationships with all levels of the organization and work independently and as a team when needed

• Knowledge and discipline to document processes and applications

• Ability to handle multiple projects or initiatives simultaneously within established time constraints

• Demonstrates a strong commitment to AIMCo’s core values of excellence, transparency, humility, integrity and collaboration, and inspiring the same in others

Success Measures:

In the first 12 months, you will immerse yourself in AIMCo's dynamic security environment, gaining a comprehensive understanding of the systems, mandates, and initiatives that drive our information security practices.

With this knowledge, you will take the lead in identifying areas for improvement. Your expertise will enable you to spot opportunities to enhance our security measures and provide recommendations on the best course of action. Additionally, you will identify areas for automation, revolutionizing our processes and significantly boosting efficiency.

As a Senior Information Security Analyst, you will be at the forefront of innovation, continually seeking ways to elevate our security practices and stay ahead of potential threats. Your recommendations will shape AIMCo's future, ensuring we remain at the cutting edge of information security.

Prepare to unleash your expertise, make a lasting impact, and be part of an exciting journey where every day brings new challenges and opportunities for growth. Join us as a Senior Information Security Analyst and be at the forefront of AIMCo's quest for security excellence. Apply now and be part of a team that is revolutionizing the way we safeguard our digital assets and identities.

Next Steps

We are excited to meet you. Please submit your resume or CV to be considered for this opportunity. Applications are being reviewed on a rolling basis and we will be in touch with any questions.

Final candidates will be asked to undergo a security screening, which includes a credit bureau and a criminal record investigation, the results of which must be acceptable to AIMCo.

ALERT - Be on the lookout for AIMCo career opportunities advertised through third parties that request an application fee or too much information. To verify, all opportunities are posted on aimco.ca/jobs
 

Just like our investments, our international team is stronger when we are diversified. At AIMCo, we draw upon the differences in who we are, where we come from, and the way we think to foster sophisticated solutions for Albertans. Doing business the right way means building an equitable organization inclusive of all races, genders, ages, abilities, religions, neurodiversity, identities, and lived experiences. Simply put, when you can show up as your authentic self every day, you and your team can truly thrive — all in service of our clients and their beneficiaries.