Information Security Analyst, Data Loss Prevention

About Kinaxis  

Elevate your career journey by embracing a new challenge with Kinaxis. We are experts in tech, but it’s really our people who give us passion to always seek ways to do things better. As such, we’re serious about your career growth and professional development, because People matter at Kinaxis.    

In 1984, we started out as a team of three engineers. Today, we have grown to become a global organization with over 2000 employees around the world, with a brand-new HQ based in Kanata North in Ottawa. As one of Canada’s Top Employers, we are proud to work with our customers and employees towards solving some of the biggest challenges facing supply chains today.   

At Kinaxis, we power the world’s supply chains to help preserve the planet’s resources and enrich the human experience. As a global leader in end-to-end supply chain management, we enable supply chain excellence for all industries, with more than 40,000 users in over 100 countries. We are expanding our team as we continue to innovate and revolutionize how we support our customers. 

Location

This is a remote position. You can work from home and be located anywhere in Canada.

About the role

As the Information Security Analyst, Data Loss Prevention, you will be primarily responsible for the daily monitoring and/or maintenance of the enterprise Data Loss Prevention solution as part of a global Security team that is responsible for all security-related handling for Kinaxis Corporate and Kinaxis Maestro Software-as-a-Service.

You will administer the Data Loss Prevention (DLP) environments, monitor, and respond to the alerts that are generated from the tools. You will also interface with cross functional teams within Kinaxis such as Corporate IT, SaaS Operations, Development, Business Systems teams, Legal, Risk Management teams, and Technology partners to ensure DLP controls are adequately implemented to protect and maintain company-wide information security.

What you will do

• Support the architecture, design, deployment, and integration of DLP solutions in the enterprise.
• Ongoing administration of the DLP tools – this will include configuring policies and reporting.
• Monitor and respond to alerts generated from the DLP systems and other technologies. Coordinate with subject matter experts and provide timely reporting to management.
• Understand and follow the security incident response process through event escalations.
• In rotation with the team, be on call to respond to serious cybersecurity incidents.
• Work closely with product and platform teams to engineer and implement DLP security controls.
• Create and propose DLP design changes and enhancements for improvements in security, availability, and automation.
• Develop training materials for DLP systems and general security awareness and deliver DLP training as required.
• Implement and support approved information security projects and internal/external security audits.
• Understand potential and emerging information security threats, and vulnerabilities and communicate this information to appropriate team members throughout the Company on a timely basis.
• Provide support for DLP incidents or audits such as Sox, SSAE16, ISO, PCI, FedRamp.

• Bachelor’s degree in Information Security, Computer Science, Information Management Systems, or similar.
• 3-5 years of experience in IT Operations, IT Security, IT Audit, or similar; high-tech, global organization is preferred (minimum of 2 years’ experience with DLP functions).
• A clear, concise, and professional communicator with the ability to present information and demonstrate knowledge to stakeholders at varying levels within the business. Ability to build rapport and gain support and trust from senior leaders and business stakeholders.
• Analytical and problem-solving skills, with the ability to interpret business requirements and arrive at well-constructed recommendations.
• Performs work with a high sense of urgency, and can prioritize based on business need. Agile and resilient in managing multiple projects with multiple sources of information under tight timelines.
• Experience with Data Loss Prevention (DLP) technology support and event handling.
• Advanced knowledge in DLP best practices and policies. (e.g. SANs, ISACA, ISC2).
• Experience integrating DLP solutions with multiple platforms including Windows, Unix, Database Platforms, etc.
• Experience with information protection and labeling.
• Experience with administration and integration of data discovery and classification tools.
• Experience with Indicators of Compromise (IOCs), Indicators of Activity (IOAs) and attack Tools, Techniques and Procedures (TTPs), under the ATT&CK framework.
• Understanding of Security incident containment and eradication strategies.
• Understanding of computer-related security systems including firewalls, IDS/IPS, encryption, and password protection and authentication.
• Good understanding of industry recognized Cybersecurity frameworks.

Nice to Have:

• CompTIA Security+ (CySA+), CISSP, CCSP, CCNA Security, CISM, or GIAC certifications preferred
• Understanding of relevant governance and control assessment frameworks and/or standards (e.g., NIST-CSF, FFIEC CAT, ISO 27000 Series, COBIT, COSO, SOC 1/2, FAIR, PCI-DSS, etc.) is preferred
• Experience with Sentinel or other Next-Gen SIEM Technologies will be preferred
• Knowledge of and experience working in cloud platforms (Security features), Microsoft Azure (Microsoft Purview), AWS, and Google are assets

#Intermediate #LI-EM1

Work With Impact: Our platform directly helps companies power the world’s supply chains. We see the results of what we do out in the world every day—when we see store shelves stocked, when medications are available for our loved ones, and so much more. 

Work with Fortune 500 Brands: Companies across industries trust us to help them take control of their integrated business planning and digital supply chain. Some of our customers include Lockheed Martin, Yamaha, P&G, Honda, and more. 

Social Responsibility at Kinaxis: Our Diversity, Equity, and Inclusion Committee weighs in on hiring practices, talent assessment training materials, and mandatory training on unconscious bias and inclusion fundamentals. Sustainability is key to what we do and we’re committed to net-zero operations strategy for the long term. We are involved in our communities and support causes where we can make the most impact.

People matter at Kinaxis and these are some of the perks and benefits we created for our team:

• Flexible vacation and Kinaxis Days (company-wide day off on the last Friday of every month)
• Flexible work options
• Physical and mental well-being programs
• Regularly scheduled virtual fitness classes
• Mentorship programs and training and career development
• Recognition programs and referral rewards
• Hackathons

Kinaxis welcomes candidates to apply to our inclusive community. We provide accommodations upon request to ensure fairness and accessibility throughout our recruitment process for all candidates, including those with specific needs or disabilities. If you require an accommodation, please reach out to us at recruitmentprograms@kinaxis.com. Please note that this contact information is strictly for accessibility requests and cannot be used to inquire about application statuses.

Kinaxis is committed to ensuring a fair and transparent recruitment process. We use artificial intelligence (AI) tools in the initial step of the recruitment process to compare submitted resumes against the job description, to identify candidates whose education, experience and skills most closely match the requirements of the role. After the initial screening, all subsequent decisions regarding your application, including final selection, are made by our human recruitment team. AI does not make any final hiring decisions.