Cybersecurity Analyst

Montreal - Head Office, Canada

Full Time Entry-level / Junior CAD 89K - 166K * ^est.

Sanimax

View all jobs at Sanimax

Apply now Apply later

Posted 13 hours ago

Your professional transformation starts here

Are you full of great ideas? Do you dream of building a greener future as part of a company that values your skills and opinions? Are you looking for a flexible employer that will give you the opportunity to grow within the company?

This job is for you!

Sanimax is looking for a Cybersecurity Analyst to join the IT Infrastructure and Operations team. The Cybersecurity Analyst will handle the security aspects of projects, governance, and some operational tasks.

Our benefits:

Competitive salary and annual bonus
Hybrid position with flexible hours after the training period
Comprehensive group insurance program (dental, medical, life insurance, disability insurance, etc.)
Telemedicine
Pension fund with employer contribution
On-site gym
Gym and physical activity reimbursement

The ideal candidate has a strong understanding of cybersecurity principles and best practices, as well as experience in security assessments. Additionally, they will be able to quickly adapt to evolving requirements and work autonomously while managing multiple initiatives simultaneously. Establishing a governance framework, a control framework, and managing cyber risk will be at the heart of your responsibilities.

Responsibilities:

Participate in the development of policies and guidelines (ISO 27001 & CIS).
Participate in internal audits and compliance testing.
Document and implement internal processes.
Monitor the existing security mechanisms and ensure control over the protection of IT assets.
Define security and compliance requirements, ensuring the technical viability of the solution. If necessary, define technical rules to guide the design, implementation, and deployment of the system.
Assess risks and vulnerabilities during the execution of complex projects.
Participate in the evolution of strategies, frameworks, objectives, and orientations for IT security.
Produce security deliverables and risk assessments in projects that may also involve cloud services.
Develop, coordinate, and lead projects to improve and upgrade our security practices.
Organize awareness and training campaigns on IT security for employees.

Profile / Requirements:

Hold a bachelor’s degree in law, science, technology, engineering, or administration.
Hold one of the following valid certifications: CISSP, CISA, CISM, CEH, CRISC, GIAC, GCIH, GPEN, ISO/IEC 27001 Lead Implementer, ISO/IEC 27001 Lead Auditor (considered an asset).
Knowledge of standards, regulations, and laws governing information security (ISO 27001, CIS, OCTAVE, ISO 27002, NIST, COBIT-19) is considered an asset.
At least 5 years of experience in IT security / GRC - Governance, Risk, and Compliance.
Experience working in a matrixed and decentralized environment.
Experience in measuring the performance of cybersecurity programs.
Strong knowledge of information technology principles and technologies related to security (authentication methods, access management, identity management, identity federation, encryption, security monitoring, etc.). These skills can apply to on-premises or cloud-based solutions.
Excellent verbal and written communication skills, with the ability to present effectively to both technical and non-technical audiences.
Ability to interact with all levels of the organization.
Demonstrated proficiency in managing cybersecurity solutions, platforms, and technologies.

Skills: