MFCJP00012096 - Infrastructure Analyst
Apply NowCompany: Core Resources
Location: Toronto, ON M4E 3Y1
Description:
Job Description:
Responsibilities
Work with the Business Owners and IT Support teams to ensure that all new applications and systems, or major changes for the existing ones are deployed with the required information security controls, as defined in the company's security and risk management standards.
Apply your knowledge in the review of enterprise security documents and initiatives.
Engage key stakeholders in identifying and evaluating potential security and vulnerability risks
Participate in actions and initiatives to apply fixes for security and vulnerability risks as soon as they are reported.
Coordinate and partner with Risk Management groups to gather and assess potential risks.
Produce ongoing security and vulnerability risk reports for business units, support teams and support vendors.
Daily review of Global Information Risk Dashboard and KRI reports and take appropriate action for risks remediation.
Provide input into internal business units and risk management team communications and vulnerability risks reports.
Review technical hardening standards reports for new implemented systems and coordinate all the fixes required for the systems to be security compliant
Respond to compliance audits, representing information technology throughout the lifecycle of the audit from providing evidence through the final report and remediation strategy.
Coordinate with Global Access Compliance team to identify non-compliance users and applications and take corrective action through remediation with the business owners and technical support teams.
Knowledge/Skills/Competencies/Education
A degree/diploma in technology or business, or equivalent work experience
Experience in one or more of the following disciplines: Information Technology and Systems, Information Risk Management, Audit, Business Intelligence and Analytics, ideally with some of the time spent in a large, complex organization.
Experience with relevant technical disciplines in Information Security and Information Risk Management including technical assessment, vendor assessment, systems, applications and network security, vulnerability management and information protection.
Technical knowledge of server operating systems Linux, Red Hat, AIX, Solaris, VMWare, Windows and Azure Cloud is also preferred.
Technical knowledge of security access protocols SSH, SSL, Secure Remote Login, CyberArk Privileged Access Security, Active Directory LDAP Access.
Proficient in software applications Excel, Word, Power Point.
Prior work experience in enterprise, operational and information risk management.
Working knowledge and experience performing and reviewing risk assessments, security control definitions, technical hardening standards
Responsibilities
Work with the Business Owners and IT Support teams to ensure that all new applications and systems, or major changes for the existing ones are deployed with the required information security controls, as defined in the company's security and risk management standards.
Apply your knowledge in the review of enterprise security documents and initiatives.
Engage key stakeholders in identifying and evaluating potential security and vulnerability risks
Participate in actions and initiatives to apply fixes for security and vulnerability risks as soon as they are reported.
Coordinate and partner with Risk Management groups to gather and assess potential risks.
Produce ongoing security and vulnerability risk reports for business units, support teams and support vendors.
Daily review of Global Information Risk Dashboard and KRI reports and take appropriate action for risks remediation.
Provide input into internal business units and risk management team communications and vulnerability risks reports.
Review technical hardening standards reports for new implemented systems and coordinate all the fixes required for the systems to be security compliant
Respond to compliance audits, representing information technology throughout the lifecycle of the audit from providing evidence through the final report and remediation strategy.
Coordinate with Global Access Compliance team to identify non-compliance users and applications and take corrective action through remediation with the business owners and technical support teams.
Knowledge/Skills/Competencies/Education
A degree/diploma in technology or business, or equivalent work experience
Experience in one or more of the following disciplines: Information Technology and Systems, Information Risk Management, Audit, Business Intelligence and Analytics, ideally with some of the time spent in a large, complex organization.
Experience with relevant technical disciplines in Information Security and Information Risk Management including technical assessment, vendor assessment, systems, applications and network security, vulnerability management and information protection.
Technical knowledge of server operating systems Linux, Red Hat, AIX, Solaris, VMWare, Windows and Azure Cloud is also preferred.
Technical knowledge of security access protocols SSH, SSL, Secure Remote Login, CyberArk Privileged Access Security, Active Directory LDAP Access.
Proficient in software applications Excel, Word, Power Point.
Prior work experience in enterprise, operational and information risk management.
Working knowledge and experience performing and reviewing risk assessments, security control definitions, technical hardening standards