Information Security Analyst Full-time Job

The Information Security Analyst will be responsible to provide information security risk support to enable our business to make smart, risk-based decisions on technology and business investments that have a successful impact on that information security posture. This role will be important to deliver risk management support and advisory across the organization

 

How You'll Help: 

• Perform internal threat and risk assessments (TRA’s) that address security threats, changes to systems and/or applications, process improvement initiatives, supplier assessments (including downstream outsourcers) and other requests from the business.
• Perform Business Impact Analysis (BIA) to effectively analyze how disruptions may impact the organization.
• Performs internal cyber risk and control assessments that address security threats, changes to systems and/or applications, process improvement initiatives, supplier assessments (including downstream outsourcers) and other requests from the business.
• Engage stakeholders and partners to drive key remediation and mitigation efforts. 
• Maintain overall risk register and present findings to senior manager of cybersecurity on a regular basis.
• Participates in product and vendor selection process to provide subject matter expertise on Information security risk and compliance.
• Support the review and compliance of defined IT general controls (SOC)
• Support responses to internal and external audits and assist team efforts to strengthen internal controls 
• Support information security compliance activities; researching & reporting organizational compliance levels.
• Provide regular reports and status updates on audit and compliance efforts from a security perspective
• Actively participate in Information security Incident investigation as may be required.
• Inventory, classify, and assess the level of compliance with controls are in place for the information assets of the corporation. Support, enhance when possible, and maintain sets of standard controls for each class of data, track and provide updates and status reports relevant to any incidents, ongoing activities, and issues.

 

Your Skills & Experience:

• University degree (computer sciences and/or engineering) highly desirable or equivalent experience and college education. 
• Functional knowledge of common security certifications (i.e. ISO 27001, SOC1, and SOC2) and ability to glean significance from findings identified in these reports
• Demonstrate knowledge with information security principles, and industry standards. Significant understanding of FAIR quantitative risk analysis, NIST, ISO/IEC series of standards, SANS-20 and COBIT 
• Excellent written and verbal communication skills, with experience presenting and explaining complex design, information security concepts and IT risk-related concepts to technical and non-technical audiences. 
• Able to successfully prioritize and manage to completion multiple complex tasks and deliverables.
• Act as security risk “ambassador” to both internal and external customers. Provide guidance and leadership to other risk management team members. Aptitude to understand business needs and deliver high-quality, prompt, and efficient service.
• English required, other languages an asset. 

 

If you’re chosen for the role, you’ll be asked to provide reference and criminal background checks before employment. You’ll only be contacted if you’re selected for an interview. 

From a single truckload of potatoes in the 1950s to a fleet of thousands, Day & Ross has grown to become one of the largest transportation and logistics providers in North America. With over 7,500 team members on and off the road in the US and Canada, we offer a diversified portfolio of freight and delivery solutions, including LTL, Truckload, Residential, Dedicated Fleet Solutions, and Logistics.
We believe our people are our greatest strength. For over a decade, weve been recognized as one of Canadas Best Managed Companies. Weve also been named a Top Company for Women to Work for in Transportation since 2018. Our recognition reflects the family values we share with our parent company, McCain Foods Limited.