Information Security Compliance Analyst - Kitchener, Canada - D2L

D2L

Verified Company

Kitchener, Canada

3 weeks ago

Posted by:

Sophia Lee

beBee Recruiter

Description

D2L is a cloud company that is modernizing education and building the Future of Work.

The old models of teaching and learning are in the midst of the largest transformation in history, and D2L is at the heart of that fundamental shift.

New models of teaching and learning enable a personalized, student-centric experience - and deliver improved retention, engagement, satisfaction, and results for learners of all ages - in schools, campuses, and companies.

D2L is disrupting the way the world learns, by providing the next generation learning environment and solutions to engage and inspire learners.

And most importantly, by giving customers a platform that is easy, flexible, and smart. No other company provides a solution as robust and innovative as D2L.

D2L has had a singular mission for 20 years and is dedicated to that same mission in the years ahead: to transform the way the world learns - and by doing so, we will help improve human potential globally.

As the Information Security Risk and Compliance Analyst at D2L, you are a key influencer and contributor to the refinement and delivery of D2L's security and compliance programs.

You work to improve our security posture along with meaningful adoption and execution of operating controls and in tandem, delivery on a certification strategy that enables business in new markets and sectors.

How will I make an impact?:

Assist in refining and delivering D2L's Security program and ensuring alignment of these to D2L's compliance program.
Promote a culture of security awareness through training and knowledge campaigns across the organization.
Improve D2L's posture and transparency on security, privacy and compliance practices, both internally and externally.
Perform security risk assessments pertaining to governance, people, data, software, hardware, and cloud infrastructure.
Perform alignment of risk mitigation strategies/plans to industry standards
ISO 27001/NIST 80053R4 etc.
Perform third party/vendor/partner security risk assessments.
Facilitate and manage external audits and conduct internal audits.
Provide security representation and responses for new deals and proposals.
Monitor and enforce data privacy policies in partnership with the D2L Legal team.

What you'll bring to the role:

You have demonstrable experience managing large security/compliance programs and projects across multiple organizations with emphasis on ISO 27001/ISO 27701, NIST 800-53R4, StateRAMP/FedRAMP, CSAE 3416/SSAE18; SOC1/2/3 &

PCI:
DSS.

You have experience using enterprisegrade governance risk and compliance (GRC) tools.
You have experience performing audits particularly in a public cloud environment.
You enjoy getting to the root of a problem and exploring all possible solutions
You have experience building, managing and securing large enterprise, web scale and serverless environments.
You have a passion for exploring modern technologies and patterns to maintain our customer's privacy and confidentiality and protect D2L's intellectual property.
You are a fast learner and want to contribute on day one.

About the Team:

We work daily to enhance our defenses and actively anticipate potential threats to ensure we are protecting the availability, integrity and confidentiality of D2L services and data.
Our solutions are heavily focused on the native AWS technology stack while also making use of a variety of supporting technologies such as Terraform, Cloud Formation, and Jenkins.
Our current compliance coverage and road map includes ISO27001/17/18; CSAE 3416/SSAE18; SOC1/2/3; TX-RAMP/ NIST R4 &

PCI:
DSS.

Our team is physically located at D2L's HQ in Kitchener, Ontario Canada but we maintain a strong virtual presence to enable us to collaborate from wherever we may be.

Why we're awesome:

At D2L, we are dedicated to providing you with the tools to do the best work of your life. While some of our perks and benefits may vary depending on location or employment type, we are proud to provide employees with the following;

Impactful work transforming the way the world learns
Flexible work arrangements
Learning and Growth opportunities
Tuition reimbursement of up to $4,000 CAD for continuing education through our Catch the Wave Program
2 Paid Days off for Catch the Wave related activities like exams or final assignments
Employee wellbeing (Access to mental health services, EFAP program, financial planning and more)
Retirement planning
2 Paid Volunteer Days
Competitive Benefits Package
Home Internet Reimbursements
Employee Referral Program
Wellness Reimbursement
Employee Recognition
Social Events
Dog Friendly Offices at our HQ in Kitchener, Winnipeg, Vancouver and Melbourne.