Analyst, Information Security
20 Eglinton West
Canadian Tire Corporation
What you’ll do
The Analyst, Information Security will support the administration of the cyber security controls management process.
This role is responsible for updating all cyber security controls including ensuring alignment with enterprise policies, standards and applicable regulatory and audit/compliance requirements.
Continually monitor, update and manage all cyber security controls
Annually update cyber security control narratives
Assess additions, deletions and modifications to the cyber security controls
Facilitate review of critical asset inventory and configuration management database (CMDB) to ensure they are complete
Facilitates and support management’s completion of self-assessment of cyber security controls and perform review of management’s completed self- assessments, and any noted exceptions
Provide support to management in remediating noted exceptions
Collect and provide cyber security control metrics in support of cyber security reporting requirements
Track, follow up on and report on control deficiencies
Administer and support the cyber security gap management program by tracking and reporting on the status of remediation and supporting technical teams regarding remedial activities
Support the cyber security policy exception process by analyzing policy exception requests, following up with requestors for clarification, preparing recommendations and processing exceptions in ServiceNow
Support the Cyber Cloud Compliance Program by tracking new security policies introduced by cloud service providers and other vendors, and monitoring security score for all environments
Support Cyber Configuration Management Program by monitoring and reporting on compliance against enterprise security baselines
Assist in facilitating the annual Policy and Standard renewal process with scheduling, requirements gathering, and providing minor updates to the documentation
What you bring
2-4 years experience in information security, and/or IT compliance/IT audit
University degree preferably in an IT related discipline
CISSP, and/or CISA designations would be an asset (or working towards)
Strong understanding of IT and cyber security concepts and best practices
Understanding of cyber security risks and control frameworks including NIST and COBIT 5
Ability to communicate effectively (written and verbal)
Experience with cyber security controls development, testing, and monitoring including evaluating risk and impact of control deficiencies
Technical knowledge including Linux, Windows, AIX, databases, network and security appliances and firewalls/IDS/IPS, web and cloud-based applications, and secure coding practices and cloud security
Hybrid
We value flexibility. We have adopted a hybrid work model whereby employees use a combination of working in office and virtually in service of outcomes. Each leader is empowered to decide what work is best achieved in person based on the unique needs of their team.
About Us
Canadian Tire Corporation, Limited (“CTC”) is one of Canada’s most admired and trusted companies. With more than 90 Owned Brands, 1,700 retail locations, financial services, exemplary e-commerce capabilities, and exciting market-leading merchandising strategies. We dream big and work as one to innovate with purpose for our customers at every level of our business, investing in new technologies and products, and doubling down on top talent to drive the company forward. We offer competitive salaries and wages to CTC employees, as well as store discounts, supported learning through our Triangle Learning Academy, Canadian Tire Profit Sharing, and retirement and savings programs for eligible employees. As part of our enhanced flex benefits program, we offer mental health benefits in the amount of $5,000 per year for benefits-eligible employees and their families, including total well-being, and mental health tools and resources for all employees. Join us in helping to make life in Canada better through living and working our Core Values: we are innovators and entrepreneurs at our core, outcomes drive us, inclusion is a must, we are stronger together and we take personal responsibility. It is an especially exciting time to join CTC and its family of companies where career opportunities are wide-ranging! Join us, where there's a place for you here.
Our Commitment to Diversity, Inclusion and Belonging
We are committed to fostering an environment where belonging thrives, and diversity, inclusion and equity are infused into everything we do. We believe in building an organizational culture where people are consistently treated with dignity while respecting individual religion, nationality, gender, race, age, perceived ability, spoken language, sexual orientation, and identification. We are united in our purpose of being here to help make life in Canada better.
Accommodations
We stand firm in our Core Value that inclusion is a must. We welcome and encourage candidates from equity-seeking groups such as people who identify as racialized, Indigenous, 2SLGBTQIA+, women, people with disabilities, and beyond. Should you require any accommodation in applying for this role, or throughout the interview process, please make them known when contacted and we will work with you to help meet your needs.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits CISA CISSP Cloud COBIT Compliance E-commerce Firewalls IDS IPS Linux Monitoring NIST Windows
Perks/benefits: Career development Health care Team events
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.