Lead Security Analyst - Waterloo, Canada - opentext
Description
OPENTEXT - THE INFORMATION COMPANY
As the Information Company, our mission at OpenText is to create software solutions and deliver services that redefine the future of digital.
The Opportunity:
Working within the Global Information Security team, reporting to the Manager of Security Governance, the Lead Information Security Governance Analyst will be involved in leading and sustaining the Protected B (ISTG-33) Governance framework by working collaboratively with internal teams, SMEs, and other stakeholders.
The Lead Information Security Governance Analyst will be expected to understand a wide array of IT security controls, processes, and concepts.
This will include extensive effort researching and writing security policies, understanding data protection strategies, and organizing policy documentation for the entire organization.
The role will also be required to provide support of audit controls for ISO27001, SOC1, and SOC 2 on the Open Text Commercial platforms.
The role is primarily responsible for Policy & Documentation Mgmt associated to Protected B (ISTG-33).The role works with a team of analysts, who have diverse program responsibilities including but not limited to; Security Awareness Training, Security Communications, Budget Planning, Mergers & Acquisitions, and presentations to senior leadership.
The Governance Analyst will be responsible:
- Ensure that all security policies and documentation under the stewardship of the Governance team are reviewed and updated no less than on an annual basis,
- Help to facilitate monthly reviews of our security policies in support of our ISO27001 ISMS program.
- Assist in facilitating the quarterly governance policy meetings communicating policy changes and governance initiatives to stakeholders.
- Synchronizing complex policy clauses with other Information Security requirements regarding audit/compliance and risk management.
- The review and assessment of new governance frameworks
- Identifying opportunities for continuous improvement across Global Information Security
- Assist with the creation presentations for senior leadership, and Board of Directors.
- Knowledge of merger and acquisitions
You are great at:
Including but not limited to:
- Detailed knowledge of governance, compliance, and risk models
- Knowledge of security frameworks, domains, and associated security concepts
- Writing policies in support of security and business needs a requirements
- Understanding concepts in support of audit controls for Protected B(ISTG33), ISO27001/ISO27017/ISO 27018, SOC1/SOC2, PCI-DSS, FedRAMP, and HIPAA
- Process creation
- Continuous Process improvement
- Creating presentations
What it takes:
- Bachelor's Degree in Information Systems, Business Administration, or similar degree, or equivalent experience preferred.
- 5+ years in security risk, compliance, and governance
- Strong written and verbal communication skills
- Working across multiple teams and stakeholders to create policy and process
- Experience developing process
- Collection of audit deliverables
- Experience writing Process, Policy and Procedures documentation
- Working across GIS teams to create a project portfolio
- Experience creating presentations
- Knowledge of merger and acquisition processes and ability to analyze security risk for M&A activities
- Strong interpersonal skills are required to work across multiple internal teams
- Familiar with commonly used information security frameworks, best practices, and standard procedures
- Capable of working independently under pressure in a continually changing environment
- Is resourceful in knowing how to research requirements and find information for documentation purposes
- Strong knowledge of Open Text Commercial products and solutions is helpful
- Audit framework knowledge for Protected B(ISTG33), ISO27001/27017/27018, SOC1 & SOC2, PCI-DSS, HIPAA, FedRAMP desired
- Ability to work with peers and leadership teams
- Ability to participate in key proactive security programs.
- CGEIT, CISA, CISM, CISSP, ITIL or other IT certifications preferred
More jobs from opentext
-
Freelance Translator
Remote, Canada - 2 weeks ago
-
Systems Administrator-service Management Automation
Mississauga, Canada - 1 week ago
-
Product Support Specialist
Waterloo, Canada - 1 week ago
-
Associate Product Support Specialist
Waterloo, Canada - 4 weeks ago
-
Lead Cloud Specialist
Waterloo, Canada - 5 days ago
-
Cloud Services Program Manager
Mississauga, Canada - 2 days ago