Senior Security Analyst (12 month Fixed Term, Full time)

CAN - Ontario - Toronto

Equifax

Get credit reports and credit scores for businesses and consumers from Equifax today! We also have identity protection tools with daily monitoring and alerts

View all jobs at Equifax

Apply now Apply later

Synopsis of the role

As our IT Security Analyst, This role requires a motivated self-starter. Someone who has strong analytical and problem-solving skills, a deep understanding of risk and compliance management principles, excellent communication and report-writing abilities, and knowledge of industry-specific regulations, standards, and frameworks. You are passionate about security and believe in due diligence. Responsibilities include but are not limited to:

What you’ll do

  • You will be identifying, analyzing, remediating, and reporting on vulnerabilities data across Equifax Canada infrastructure.

  • Responsible for conducting penetration tests and coordinating with teams on remediation plans.

  • Assessing and validating security controls and suggesting adequate compensating controls  to identified vulnerabilities and/or control gaps. 

  • Engaging stakeholders to drive remediation of application and infrastructure vulnerabilities.

  • Take a proactive and risk-based approach to identifying and addressing defects in order to protect systems, networks, and data from cyber-attacks.

  • Assist in tracking and improving the security posture and incident response engagements 

  • Assist in Asset management and compliance reporting on overall Equifax canada infrastructure.  

  • Create and support vulnerability and asset health metrics, remediation-related dashboards, and reports.

  • Work with Internal and External Audit functions to facilitate information gathering and reporting.

  • Support evidence collection with regards to various security compliance frameworks including NIST, PCI-DSS, ISO 27001, and SOC assessments

What experience you need  

  • Minimum 5+ years in security and 2+ years of hands-on experience with the design, implementation, operation of a vulnerability management program and strong application security background. 

  • Good understanding of technical security controls, secure coding standards and Hands-on experience with cloud such as GCP and AWS.

  • Strong understanding of PKI, encryption standards, Microservices architectures, Kubernetes security.

  • Providing recommendations to the Information Security Officer on the risks posture that are related to the Equifax Canada environment.

  • Experience with ServiceNow or other reporting platform tools including creating workflows, dashboard creation, and optimization.

  • Pays attention to team needs and pivots his/ her approaches accordingly to support the delivery of business value.

  • Experience with enterprise vulnerability management tools, SAST and  DAST.

  • Expert in ability to communicate to advanced Technical teams as well as brief management on technical risks and issues

  • Exposure to audits like PCI, SOC, ISO 27001 

  • Familiarity with common security frameworks NIST, COBIT, ITIL, ISO

  • Proactive, detail oriented and able to work independently and efficiently

What could set you apart

  • Passionate about Cybersecurity. 

  • Bilingual ( french language is an asset) 

  • Previous experience working in cyber security and vulnerability management at a large company

Primary Location:

CAN-Toronto-5700 Yonge

Function:

Function - Project, Program and Process Management

Schedule:

Full time
Apply now Apply later
  • Share this job via
  • 𝕏
  • or

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  0  0  0
Category: Analyst Jobs

Tags: Application security Audits AWS Cloud COBIT Compliance DAST Encryption GCP Incident response ISO 27001 ITIL Kubernetes Microservices NIST PKI SAST SOC Vulnerabilities Vulnerability management

Region: North America
Country: Canada

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.