Junior Information Security Analyst

Caseware is one of Canada's original Fintech companies, having led the global audit and accounting software industry for over 30 years, with more than 500,000 users across 130 countries and available in 16 different languages. While you might not have heard of us (yet) over 36,000 accounting and audit professionals list Caseware as a skill on their LinkedIn profiles!
As a Junior Information Security or Compliance Analyst you will support the company’s information security and compliance initiatives. This entry-level position is ideal for someone with a foundational understanding of security or risk management principles and a desire to grow their career in a collaborative, fast-paced environment. The analyst will help maintain compliance frameworks, assist with security reviews and audits, and support internal teams in navigating information security requirements
❗This a full-time, permanent position.
📍 Location:  This role is hybrid. You will be required to work from our Toronto office 3-days a week, located at 351 King Street East, Toronto, ON 

What you will be doing:

• Policy and Compliance:
• Assist with internal and external audits (e.g., SOC 2, ISO 27001, HIPAA) by gathering evidence and preparing documentation.
• Help maintain and update security policies, standards, an procedures to ensure they reflect current practices and compliance obligations.
• Track compliance tasks using project management or GRC tools to support audit readiness and ensure timely completion of deliverables.
• Commercial Support:
• Respond to customer security questionnaires and RFPs by collaborating with internal teams to gather accurate and timely responses.
• Maintain a knowledge base of frequently asked questions and standard responses to improve turnaround time.
• Support sales and customer success teams in navigating client security concerns and aligning them with internal controls.
• Procurement Support / Vendor Security Assessment:
• Conduct preliminary security reviews of third-party vendors by evaluating questionnaires and supporting documentation (e.g., SOC reports, penetration tests).
• Help maintain an inventory of vendors and associated risk ratings.
• Work with procurement and legal teams to ensure vendors meet the organization’s security requirements.
• Governance Support:
• Assist in the development, implementation, and maintenance of governance frameworks, including documentation and reporting.
• Schedule and document governance meetings, including tracking of action items and decisions.
• Coordinate with cross-functional teams to promote adherence to security and compliance practices.
• Risk Management:
• Support periodic risk assessments by identifying potential threats, documenting risk findings, and proposing mitigation strategies.
• Help manage the risk register and ensure appropriate follow-up actions are documented and tracked to completion.
• Participate in incident reviews or retrospectives to identify lessons learned and preventive measures.
• Awareness & Training:
• Contribute to the creation and delivery of security awareness materials, such as newsletters, presentations, and online modules.
• Assist with onboarding processes to ensure new employees complete required security training.
• Track completion of mandatory training and support efforts to improve security culture.
• Research & Continuous Learning:
• reading blogs, reports, and news sources.
• Research and recommend new tools, frameworks, or automation opportunities to improve the organization’s security and compliance posture.
• Participate in training, webinars, or certifications to deepen understanding of relevant domains

What you will bring:

• Bachelor’s degree in information security, Computer Science, Business, or related field, or equivalent experience.
• 1-2 years of experience as a information security or compliance analyst, preferably in a SaaS, audit/accounting firm.
• Experience in maintaining compliance frameworks, assisting with security reviews and audits, and supporting internal teams in navigating information security requirements.
• Foundational knowledge of cybersecurity or compliance frameworks (e.g., NIST CSF, ISO 27001, SOC 2).
• Awareness of cloud services (e.g., AWS, GCP, or Azure) and how they relate to security and compliance.
• Strong written and verbal communication skills.
• Interest in furthering career in Information Security, including, audits, vendor risk, cloud security, and GRC tooling.

What's in it for you:
▪️Innovation is at our core. We work with cutting-edge technology in accounting and financial reporting, constantly pushing the boundaries to create impactful software solutions. ▪️We are committed to a collaborative culture, where your ideas are valued, and knowledge sharing is encouraged within a supportive, inclusive team. ▪️Work-life balance is important to us. We offer flexible work options, remote opportunities, and generous time-off policies to ensure a healthy work-life balance. ▪️We offer competitive compensation, including a competitive salary and comprehensive benefits such as health insurance and retirement plans. ▪️We are driven by impactful work. Your contributions directly affect how our clients manage financial processes and drive their success. ▪️Recognition and rewards matter to us. We celebrate hard work through recognition programs, performance bonuses, and opportunities for career growth. ▪️We embrace global opportunities. Work on international projects and collaborate with a diverse, global team. 
About Caseware:Caseware's cutting-edge software products are meticulously designed for accounting firms, corporations, and governments. Our teams are continually collaborating, innovating, and building upon our existing suite of products. With a customer-focused mindset, we are building technology that is shaping what the future of audits, financial reporting, and financial data analytics will look like.
With a recent strategic investment from Hg Capital in 2020, Caseware is now in its next major growth phase as we double down on the people and products that have made Caseware so successful to date.
One of Caseware's core values is Many Voices, One Team and with that in mind, we're dedicated to building teams as diverse as our customers in an equitable and inclusive way. We welcome and encourage candidates of all backgrounds to apply. Should you require accommodations or have any questions at any point during the application or interview process, please e-mail our People Operations team at talent@caseware.com.
Background Check:Any candidates successful in obtaining an offer for a position will need to successfully complete a background check through Certn.co which typically includes an Identity Verification and Criminal Record Check. Executives and Senior Managers will undergo a Soft Credit Check as well. Candidates residing in the Netherlands and Germany are excluded from undergoing background checks via Certn.co 
Security and Fraud:Caseware takes the security of candidates seriously. All legitimate communication from us will come from email addresses ending in @caseware.com and our open positions are always listed on reputable job boards and on our website https://jobs.lever.co/caseware. We will NEVER ask for payment or financial information from you. If you receive an unsolicited job offer, proceed with extreme caution.