Information Security Analyst 3 (Data Loss Prevention)

 

Permanent Full Time 

-

 

 

The Senior Information Security Analyst plays a crucial role in our first line of cyber defense. This position involves collaborating with various stakeholders, including technology and business partners, to effectively manage information security risks and ensure compliance with organizational policies. Additionally, the role supports the delivery of analysis-driven cybersecurity services to our internal clients across Canada.

 

We are looking for a Senior Information Security Analyst to join our Data Loss Prevention team in the Technology Risk and CISO department. This role is vital in protecting our organization’s data by developing and executing DLP strategies. Responsibilities include configuring and managing DLP policies, ensuring compliance with organizational and regulatory requirements, investigating DLP alerts, and collaborating with cross-functional teams to resolve potential data breaches. The candidate will also help develop and deliver Data Protection training to enhance organizational awareness and adherence to data security best practices. Staying updated with the latest DLP technology; the candidate will recommend improvements to our DLP infrastructure.

 

The ideal candidate will have experience in information security, particularly in DLP technology and systems, a strong understanding of data security principles, regulatory requirements, and industry best practices, proficiency in DLP tools and technologies, excellent analytical, problem-solving, effective communication and collaboration skills, and relevant certifications.

 

Join us in our mission to protect our organization’s data. If you are passionate about data protection and have the expertise to support our DLP initiatives, we would love to hear from you.

 

What you will do:

Incident Response:

• Follow the DLP incident response process, collaborating with stakeholders (HR, Privacy, Business Units) to investigate, contain, and remediate data loss incidents.
• Develop and maintain DLP incident playbooks and ensure timely response to alerts.
• Provide detailed analysis and reporting on data loss incidents, root causes, and corrective measures.
• Conduct post-incident reviews and recommend improvements to prevent future incidents.

Design, Implementation, and Development:

• Design and implement DLP policies to protect sensitive data across identified channels, aligning with business needs, regulatory requirements, and industry best practices.
• Continuously improve and optimize DLP processes to enhance accuracy, reduce false positives, and improve efficiency.
• Support the expansion of DLP capabilities into emerging technologies and egress channels.
• Collaborate with Legal, Compliance, Risk, and other departments to ensure DLP policies align with regulatory requirements (e.g., GDPR, PIPEDA, PCI-DSS, HIPAA).
• Evaluate and implement new DLP technologies, tools, and enhancements to strengthen data protection capabilities.
• Stay current with industry trends, emerging threats, and new technologies to ensure the organization remains ahead of evolving data loss risks.
• Regularly assess the effectiveness of DLP controls through testing, audits, and continuous monitoring.
• Report identified DLP gaps and drive initiatives to close them.

Collaboration and Communication:

• Work collaboratively with DLP team members, managers, and stakeholders to enhance teamwork and efficiency.
• Prepare and present regular updates, metrics, and program status. Define, track, and report on key performance indicators (KPIs) to measure control effectiveness and risk posture.
• Provide detailed reporting on DLP incidents, policy violations, and progress achieved.
• Adhere to corporate workstyle policies, including a minimum of three days working from the office each week.

Training and Awareness:

• Participate in developing and delivering DLP awareness and training programs to educate employees on data protection, acceptable use policies, and secure data handling practices.
• Promote a culture of data security awareness across the organization through regular communications and engagement activities.

 

What you will bring:

• Bachelor’s degree from an accredited college or university or equivalent experience.
• Minimum five years’ experience as an information technology professional with at least three of those in information security demonstrating the accountabilities as listed above.
• In-depth knowledge of DLP technologies, frameworks, and platforms (specifically Microsoft Purview, IRM and MDCA).
• Strong understanding of data classification, encryption, regulatory requirements, and standards.
• Proven experience managing DLP incidents, governance forums, and program expansion initiatives.
• Familiarity with cybersecurity frameworks such as NIST, ISO 27001, and CIS Controls.
• Experience collaborating with cross-functional teams and senior stakeholders.
• Exceptional analytical, problem-solving, and investigative skills.
• Holds at least one information security certification or actively working towards at least one security certification (e.g. CISSP, CISM).
• Excellent communicator including demonstrated presentation and negotiation skills.
• Experience with security solutions for multi-tier cloud-based applications
• Experience interpreting and consulting around meeting the requirements of the Information Security Policies and Standards for a large organization.
• Working knowledge of IT Audit processes, including design of control test procedures.
• Demonstrated ability to foster relationships and build trust.
• Ability to work independently and deliver on commitments.
• Strong analytical and problem-solving skills.
• Experience in risk assessment methodologies.
• Reliability Status security clearance - this is a personnel security status that is required before an employee can gain access to Protected B information, assets or work sites as outlined by the Government of Canada  website

-

The base salary for this position is between  $70,000.00 - $117,400.00 annually.  This represents base salary only and does not represent other variable compensation components of our total compensation ( i.e. annual bonus, commission etc).  If you are selected to move forward in our recruitment process, your recruiter will be able to discuss additional details of our total rewards program with you.

 

Career opportunities will be open a minimum of 5 business days from the date of posting, closing dates will vary depending on the search activity. All applications received will be reviewed on a rolling basis.

 

Be your best at Canada Life- Apply today!

 

Being a part of Canada Life means you have a voice. This is a place where your unique background, perspectives and talents are valued, and shape our future success.

 

You can be your best here. You’re part of a diverse and inclusive workplace where your career and well-being are championed. You’ll have the opportunity to excel in your way, finding new and better ways to deliver exceptional customer and advisor experiences.

 

Together, as part of a great team, you’ll deliver on our shared purpose to improve the well-being of Canadians. It’s our driving force. Become part of a strong and successful company that’s trusted by millions of Canadians to do the right thing.

 

Canada Life serves the financial security needs of more than 13 million people across Canada, with additional operations in Europe and the United States. As members of the Power Financial Corporation group of companies, we’re one of Canada’s leading insurers with interests in life insurance, health insurance, investment and retirement savings. We offer a broad portfolio of financial and benefit plan solutions for individuals, families, businesses and organizations. 

 

We are committed to providing an inclusive, accessible environment, where all employees and customers feel valued, respected and supported. We are dedicated to building a workforce that reflects the diversity of the communities in which we live, and to creating an environment where every employee has the opportunity to reach their potential. 

 

It is our priority to remove barriers to provide equal access to employment. A Human Resources representative will work with applicants who request a reasonable accommodation during the application process. All information shared during the accommodation request process will be stored and used in a manner that is consistent with applicable laws and Canada Life policies. To request a reasonable accommodation in the application process, contact talentacquisitioncanada@canadalife.com.

 

Canada Life would like to thank all applicants, however only those who qualify for an interview will be contacted.

 

#LI-Hybrid