Senior Information Security Analyst
565 Great Northern Way, Vancouver, Canada
Samsung Electronics
Tervetuloa Samsung Suomen verkkosivuille. Tarjoamme laajan valikoiman innovatiivista kodinelektroniikkaa ja tekniikkaa. Tutustu älypuhelimiin, tabletteihin, televisioihin, kodinkoneisiin ja muihin tuotteisiimme.Position Summary
The Information Security Analyst will be responsible for the protection of information assets, systems, networks, and data at Samsung R&D Vancouver from unauthorized access, theft, damage or disruption; Ensuring Confidentiality, Integrity and Availability principles are upheld at all times.In this role, you will conduct regular security inspections and auditing of key assets and areas. As well as provide guidance on assessing risks, identifying security gaps and recommending mitigation measures to protect Samsung. This role will lead the planning, assessment and implementation of security policies, incident response processes, surveillance systems and access control systems, investigate security incidents, and, lead the vulnerability management & security awareness training programs for employees.
Role and Responsibilities
Role and Responsibilities:
- Conduct IT security risk assessments, SaaS and Software risk assessments and Third-party risk management (TPRM).
- Manage the vulnerability management program by conducting regular vulnerability scans of enterprise infrastructure and coordinate findings & remediations with relevant stakeholders.
- Perform analysis of cyber security threats and understand incident trends to recommend risk mitigation measures that will prevent, detect and/or disrupt threat actors at all stages of the cyber kill chain.
- Oversee and audit the installation and operation of security controls and appliances, as well as physical security to comply with the Company’s information security policy requirements.
- Review, assess and manage on-going security-related approvals, workflows and change requests while ensuring security compliance.
- Oversee and support with evidence gathering on third-party security and compliance audits and any resulting remediation activities.
- Ensure Security Compliance with Policies and Laws.
- Manage, lead and mature the security awareness training program, including internal communications, newsletters, bulletins and recurring trainings related to information security.
- Act as security ambassador for the research center, educating staff about risks, promoting a security-first mindset and embedding security into business processes of other departments.
- Review and continuously improve all building access, auditing, logging and surveillance processes.
- Carry out audit and response efforts on security incidents and work with relevant departments to remediate the issues.
- Perform incident response table-top exercises and lead efforts on enhancement of incident response capabilities.
- Serve as key point of contact on security-related matters from security counterparts across the globe, enabling effective cross-departmental collaboration, stakeholder management and communication.
Skills and Qualifications
Skills and Qualifications:
- Bachelor's Degree in IT, Software, Systems Admin, Cyber Security or a related field.
- CISSP or CISA, CIA or CISM, GSEC, CompTIA Security+, CCSP (Cloud security) or CCSK are a valuable asset.
- Have minimum 2-3 years of experience in an IT Auditing, Cyber Security or an Information Security role, ideally with the responsibility of assessing the effectiveness of security controls.
- Demonstrated ability to participate in complex, comprehensive or large projects and initiatives.
- Ability to serve as a lead expert resource in technology controls and information security for project teams, business management, organization risk and third-party vendors.
- Knowledge of Risk Management, IT/Control Auditing, Security Governance and Security Compliance, IT and Physical Security.
- Hands-on experience with Security Awareness Training Platform(s), Vulnerability Scanning Tool(s), Password Management and Software License Management.
- Previous experience working with access control and CCTV systems is an asset.
- Working knowledge/understanding of Canadian security and privacy legislation (including employer and employee obligations).
- Advanced knowledge of MS Word, and Excel and MS PowerPoint are required.
- Must be customer focused with a desire to exceed customer expectations
- Exceptional attention to detail with demonstrated excellent judgment; professionalism and integrity.
- Reliable, punctual and dependable individual who has proven ability to work independently as well as to perform effectively in a team environment.
- Must be a team player who is highly responsive, reliable, adaptable, self-motivated and time flexible.
- Must be able to respond to security-related emergency calls.
* Please visit Samsung membership to see Privacy Policy, which defaults according to your location. You can change Country/Language at the bottom of the page. If you are European Economic Resident, please click here.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits CCSK CCSP CIA CISA CISM CISSP Cloud Compliance CompTIA Cyber Kill Chain Governance GSEC Incident response Privacy R&D Risk assessment Risk management SaaS Surveillance Vulnerability management Vulnerability scans
Perks/benefits: Flex hours Team events
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.