Senior IT Security Analyst Full-time Job

Work Location -  Anywhere in Canada (Hybrid)

Employee Type -  Regular Employee FT  Salaried

We are seeking an experienced Senior Cybersecurity Analyst specializing in Governance, Risk, and Compliance (GRC) to help develop, implement, and manage our comprehensive GRC program. The ideal candidate will also have a deep understanding of enhancing a Change Advisory Board (CAB) program and managing advanced governance technologies like Resolver, AuditBoard, OneTrust, Microsoft Purview and Data Loss Prevention (DLP) tools. Expertise in integrating these technologies with platforms like ServiceNow is critical.

Responsibilities

• Help design, build, and manage the organization's GRC program to ensure compliance with regulatory requirements.
• Assist in overseeing the Governance, Risk, and Compliance (GRC) program, including updating the GRC tool as necessary and managing program assignments.
• Develop and oversee a robust CAB program, facilitating effective change management across IT systems.
• Help drive, lead, manage and optimize governance and the use and implementation of technologies such as Kroll Resolver, AuditBoard, OneTrust, Microsoft Compliance Manager, Azure Policy, Microsoft Information Protection (MIP), Azure Blueprints, Microsoft Cloud App Security (MCAS), Azure Active Directory (Azure AD), Microsoft Defender for Cloud Apps, Microsoft Defender for Identity, Microsoft Insider Risk Management, Microsoft Purview, Azure Governance Visualizer (AzGovViz), and ensure their effective integration with other IT service management tools. If you don’t know the tools, a can do or can learn attitude would be great!
   

Qualifications

• Bachelor’s degree in Information Technology, Cybersecurity, or a related field.
• 5 years or more of experience in a cybersecurity role with a focus on GRC.
• In-depth Knowledge of GRC Frameworks: Proficiency in designing, building, and managing GRC programs to ensure compliance with regulatory requirements.
• Change Management Expertise: Ability to develop and oversee a robust Change Advisory Board (CAB) program, facilitating effective change management across IT systems.
• Some Technical Proficiency with Governance Technologies: Skilled in the use and implementation of technologies such as Microsoft Compliance Manager, Azure Policy, Microsoft Information Protection (MIP), Azure Blueprints, Microsoft Cloud App Security (MCAS), Azure Active Directory (Azure AD), Microsoft Defender for Cloud Apps, Microsoft Defender for Identity, Microsoft Insider Risk Management, Microsoft Purview, and Azure Governance Visualizer (AzGovViz). A willingness to learn unfamiliar tools is also crucial.
• GRC Tools: Knowledgeable with Governance Technologies like Resolver, AuditBoard or OneTrust.
• ITSM: Familiar with ITSM Technologies like ServiceNow.
• One or more of the following security certifications are preferred:

Certified Information Systems Security Professional (CISSP)
    Certified Information Security Manager (CISM)
    Certified in Risk and Information Systems Control (CRISC)
    Certified Governance of Enterprise IT (CGEIT)
    NIST Cybersecurity Framework (NCSF) Certification