Analyst, Information Security

20 Eglinton West

Apply now Apply later

What you’ll do

The Analyst, Information Security will support the administration of the cyber security controls management process.

This role is responsible for updating all cyber security controls including ensuring alignment with enterprise policies, standards and applicable regulatory and audit/compliance requirements.

  • Continually monitor, update and manage all cyber security controls

  • Annually update cyber security control narratives

  • Assess additions, deletions and modifications to the cyber security controls

  • Facilitate review of critical asset inventory and configuration management database (CMDB) to ensure they are complete

  • Facilitates and support management’s completion of self-assessment of cyber security controls and perform review of management’s completed self- assessments, and any noted exceptions

  • Provide support to management in remediating noted exceptions

  • Collect and provide cyber security control metrics in support of cyber security reporting requirements

  • Track, follow up on and report on control deficiencies

  • Administer and support the cyber security gap management program by tracking and reporting on the status of remediation and supporting technical teams regarding remedial activities

  • Support the cyber security policy exception process by analyzing policy exception requests, following up with requestors for clarification, preparing recommendations and processing exceptions in ServiceNow

  • Support the Cyber Cloud Compliance Program by tracking new security policies introduced by cloud service providers and other vendors, and monitoring security score for all environments

  • Support Cyber Configuration Management Program by monitoring and reporting on compliance against enterprise security baselines

  • Assist in facilitating the annual Policy and Standard renewal process with scheduling, requirements gathering, and providing minor updates to the documentation

What you bring

  • 2-4 years experience in information security, and/or IT compliance/IT audit

  • University degree preferably in an IT related discipline

  • CISSP, and/or CISA designations would be an asset (or working towards)

  • Strong understanding of IT and cyber security concepts and best practices

  • Understanding of cyber security risks and control frameworks including NIST and COBIT 5

  • Ability to communicate effectively (written and verbal)

  • Experience with cyber security controls development, testing, and monitoring including evaluating risk and impact of control deficiencies

  • Technical knowledge including Linux, Windows, AIX, databases, network and security appliances and firewalls/IDS/IPS, web and cloud-based applications, and secure coding practices and cloud security

Hybrid

We value flexibility. We have adopted a hybrid work model whereby employees use a combination of working in office and virtually in service of outcomes. Each leader is empowered to decide what work is best achieved in person based on the unique needs of their team.

About Us

Canadian Tire Corporation, Limited (“CTC”) is one of Canada’s most admired and trusted companies. With more than 90 Owned Brands, 1,700 retail locations, financial services, exemplary e-commerce capabilities, and exciting market-leading merchandising strategies. We dream big and work as one to innovate with purpose for our customers at every level of our business, investing in new technologies and products, and doubling down on top talent to drive the company forward. We offer competitive salaries and wages to CTC employees, as well as store discounts, supported learning through our Triangle Learning Academy, Canadian Tire Profit Sharing, and retirement and savings programs for eligible employees. As part of our enhanced flex benefits program, we offer mental health benefits in the amount of $5,000 per year for benefits-eligible employees and their families, including total well-being, and mental health tools and resources for all employees. Join us in helping to make life in Canada better through living and working our Core Values: we are innovators and entrepreneurs at our core, outcomes drive us, inclusion is a must, we are stronger together and we take personal responsibility. It is an especially exciting time to join CTC and its family of companies where career opportunities are wide-ranging! Join us, where there's a place for you here.

Our Commitment to Diversity, Inclusion and Belonging 

We are committed to fostering an environment where belonging thrives, and diversity, inclusion and equity are infused into everything we do. We believe in building an organizational culture where people are consistently treated with dignity while respecting individual religion, nationality, gender, race, age, perceived ability, spoken language, sexual orientation, and identification. We are united in our purpose of being here to help make life in Canada better.

Accommodations  

We stand firm in our Core Value that inclusion is a must. We welcome and encourage candidates from equity-seeking groups such as people who identify as racialized, Indigenous, 2SLGBTQIA+, women, people with disabilities, and beyond. Should you require any accommodation in applying for this role, or throughout the interview process, please make them known when contacted and we will work with you to help meet your needs.

Apply now Apply later

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  6  2  0
Category: Analyst Jobs

Tags: Audits CISA CISSP Cloud COBIT Compliance E-commerce Firewalls IDS IPS Linux Monitoring NIST Windows

Perks/benefits: Career development Health care Team events

Region: North America
Country: Canada

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.