Our client is looking for 3 experienced IT security analysts with specialization in risk and compliance. It is expected that the selected candidates will be available to work on-site at the Clients Vancouver office full time.
The candidates must demonstrate the ability to work with stakeholders in developing and assessing the security framework, performing gap analysis, guide remediation, and effectively roadmap security initiatives. The candidate must be very familiar with various IT security frameworks including but not restricted to ISO 27001/2, SSAE16, PCI, and CAG. The candidate must also have demonstrated experience with Governance, Risk, and Compliance tools.
Defines security configuration and operations standards for security systems and applications, including policy assessment and compliance tools, network security appliances, and host-based security systems;
Develops and validates baseline security configurations for operating systems, applications, networking, and telecommunications equipment;
Works with the business units and with other risk functions to identify security requirements, using methods that may include risk and business impact assessments. Components of this activity include but are not limited to:
Identification of IT risks from analysis of the business processes and system architectures;Threat and vulnerability assessment; and Communication, facilitation and consensus building to identify the security controls.
Assists in the coordination and completion of information security operations documentation;
Works with information security leadership to develop strategies and plans to enforce security requirements and address identified risks;
Reports to management concerning residual risk, vulnerabilities and other security exposures, including misuse of information assets and noncompliance;
Plays an advisory role in application development to assess security requirements and controls and to ensure that security controls are implemented as planned;
Collaborates on critical IT projects to ensure that security issues are addressed throughout the project life cycle;
Works with the IT department and members of the information security team to identify, select and implement technical controls;
Develops and documents security processes and procedures, and supports service-level agreements (SLAs) to ensure that security controls are managed and maintained;
Advises security administrators on normal and exception-based processing of security authorization requests; and
Researches, evaluates and recommends information-security-related hardware and software, including developing business cases for security investments.
Skill Set Requirements:
Solid understanding of IT security concepts and priorities especially within a large, high profile, government regulated organization;
Demonstrated IT audit and controls experience;
Must be very proficient with various security devices e.g. firewall, SIEM, IDS/IPS, proxy, VPN and the current trends and positives/negatives between major security brands/manufacturers;
Ability to communicate effectively and appropriately towards various levels within the organization and communicate a clear and pragmatic approach towards security issues;
Must demonstrate experienced use of governance, risk & compliance tools and risk assessment methods;
Proficiency in performing risk, business impact, control and vulnerability assessments;
Ability to interpret and summarize technical security into easy to understand communications;
Knowledge of and experience in developing and documenting security architecture and plans, including strategic, tactical and project plans;
Experience with common information security management frameworks, such as ISO 2700x, COBIT, ITIL frameworks;
Experience in developing, documenting and maintaining security policies, processes, procedures and standards;
A degree or diploma in information technology, computer science, or similar field preferred, or has an equivalent combination of experience, training and education;
Minimum of five (5) years' IT or IT audit experience;
Valid and current, CISSP, PCI, GIAC, SANS, CISA, CISM, or CITP or other similar industry certifications;
Ability to identify priorities and ensure that work is completed within stipulated time frames;
If you fit the listed requirements, please respond to this posting. Shortlisted candidates will be contacted directly.
About TEKsystems :
Join TEKsystems and get your career on the fast track. As one of North America's premiere IT staffing, IT talent management and IT services companies, we provide solutions that work. We actively seek talented IT professionals with all levels of information technology skills and expertise in order to support critical engagements at client sites worldwide. Because of our industry-specific focus, knowledge and connections, we can share highly desirable positions you might not otherwise know about. From customized training and flexible hiring options, to dedicated teams of recruiters working to find you the right opportunity, TEKsystems specializes in IT career management.
TEKsystems is acting as an Employment Agency in relation to this vacancy.
Career Level: Experienced
Education: High School Diploma
Industry: Computer Hardware and Networking
Job Function: Technology and Digital Media