Information Security Analyst
| Company | Sun Life |
|---|---|
| Location | North York, ON, Canada, Kitchener, ON, Canada |
| Salary | $53300 – $88200 |
| Type | Full-Time |
| Degrees | Bachelor’s |
| Experience Level | Mid Level |
Requirements
- Minimum of at least 2 years experience in Information Technology (IT) and/or Information Security
- Knowledge of IT and information security principles, protocols, practices, and industry standards
- Experience performing risk assessments of cloud-based (SaaS) technologies including but not limited to AWS and Azure
- Understanding of existing and emerging IT and security technologies
- Strong communication and negotiation skills with senior staff and executives
- Excellent report writing skills
- Familiarity with contract wording and interpretation of security clauses
- Must be able to work and communicate with various business groups from a non-technical perspective and interpret technical context into plain language
- Can work with minimum supervision, proactive, strategic and analytic thinker, and consensus builder
- University Degree
Responsibilities
- Provide support to Sun Life’s business group initiatives and projects through conducting information security risk assessments, reviewing contracts to ensure inclusion of security requirements, performing supplier/third-party risk assessments, and advising on security best practices
- Provide support to the business group to ensure the security controls implemented on their projects and initiatives align with Sun Life Security Policy and Directive requirements
- Provide security consulting to Sun Life business group to ensure adequate security controls are in place to safeguard and protect Sun Life confidential information and improve overall security
- Provide preliminary recommendations on information security related risks
- Track and manage open information security risks to ensure corresponding risk remediation plans and target dates are in place. Work with respective business and/or technology risk owner to ensure risk remediation
- Provide management with an in-depth analysis of status of identified risks, current work activities, and work completed by the team.
Preferred Qualifications
-
No preferred qualifications provided.