- This position will be accountable for the creation, maintenance and distribution of enterprise level policies, procedures and standards within the information security and privacy domains.
- Ensure the information security & privacy programs accomplish its objectives by bringing a systematic approach to improve the overall effectiveness of these programs.
- Facilitate and/or lead corporate level incident response preparedness through testing, reporting and actions and will participate in incident response.
- Create training courses, training presentations, programs, and develop new training materials that drive continuous awareness for information security & privacy.
- Develop a roadmap for MCAP's awareness training as it relates to information security & privacy that enables greater awareness, compliance and education materials
- Create and maintain an effective and measurable awareness training program.
- Create, execute, monitor and report on simulated security exercises to increase the awareness of the importance of security and privacy protocols (. phishing campaigns, tailgating, vishing, mystery customer)
- Drive awareness and compliance to information security & privacy best practices
- Develop and implement effective and reasonable policies, procedures and standards to secure MCAP assets.
- Participate and/or lead security assessments, audits, tabletops and penetration tests
- Provide support to all stakeholders on information security & privacy standards.
- Facilitate incident response preparedness through testing, develop plans to close gaps and updating response plans.
- Contribute to the identification and maintenance of an information security risk registry.
- Prepare and support security due diligence questionnaires and assessments.
- Research and maintain an awareness of industry information security challenges, changes or opportunities that would improve MCAP's information security & privacy posture
- Support and assist annual reviews of enterprise information security & privacy policies, procedures and standards.
- Collaborate with the technical information security team to identify gaps in policy, procedures, or standards and recommendations for improvements
- Perform analysis of third-party vendor due diligence responses to identify gaps, escalate risks as required and make recommendations to improve the process
- Create measurements of compliance to corporate level policy and procedures (. Access reviews, DLP, PIA)
- Develop and maintain an information security & privacy program scorecard/dashboard that demonstrates our current (real time) posture and opportunities for improvement
- Develop a process to report on the remediation of issues that arise from external assessments or audits
- Internally assess, evaluate, and bring forward recommendations to management regarding the information security & privacy program controls.
- 3-6 years in information security & privacy governance
- Proven experience in the development of policies, procedures & standards
- Strong knowledge of information security governance frameworks (. CIS, NIST, ISO)
- General knowledge with security tools and technology (. firewalls, IDS, IPS, encryption, EDR, DLP, NAC, CASB, DKIM, DMARC, email protection)
- Advanced interpersonal skills and the abilities to interface with all business units in the organization
- Ability to work effectively and efficiently
- Ability to multi-task in a fast-paced environment
- General knowledge of security tools and technology
- General knowledge of systems, network and cloud architectures
- General knowledge with risk analysis, penetration testing, and vulnerability management
- Demonstrated ability to create and maintain enterprise level security policy, procedures, etc.
- Excellent writing and verbal communication skills, interpersonal and presentation skills and proven ability to influence and communicate effectively with all levels of staff.
- Carries out duties with integrity and takes responsibility for actions
- Handles critical and sensitive information with the strictest confidentiality and privacy
- Excellent problem-solving and conflict resolution skills
- Ability to lead change initiatives and to foster a positive employee relations environment
- A degree or diploma in a relevant area of study with preference for information security or computer science/engineering
- Formal IT & security accreditations such as (. ITIL, COBIT)
- Security certifications in (. CISM, CISA, CISSP)
-
IT Governance, Risk and Compliance Analyst
3 days ago
Equitable Life of Canada Waterloo, CanadaAt Equitable Life of Canada, we realize that your work life is not just about performing a job; it's about being part of a workplace that helps you grow and reach your full potential. Within our friendly and collaborative work environment, we recognize that the key to our growth ...
-
Enterprise Data Governance Analyst
12 hours ago
D2L Kitchener, CanadaD2L is a cloud company that is modernizing education and building the Future of Work. The old models of teaching and learning are in the midst of the largest transformation in history, and D2L is at the heart of that fundamental shift. · New models of teaching and learning enable ...
-
Bilingual Investigation Analyst
1 week ago
Manulife Waterloo, CanadaWe are a leading financial services provider committed to making decisions easier and lives better for our customers and colleagues around the world. From our environmental initiatives to our community investments, we lead with values throughout our business. To help us stand out ...
-
Principal Security Analyst
1 day ago
Open Text Corporation Waterloo, Canada**Principal Security Analyst**: · - Req id: Waterloo, ON, CA**OPENTEXT - THE INFORMATION COMPANY** · As the Information Company, our mission at OpenText is to create software solutions and deliver services that redefine the future of digital. Be part of a winning team that leads ...
-
Principal Security Analyst
1 day ago
Open Text Corporation Waterloo, Canada**Principal Security Analyst**: · - Req id: Waterloo, ON, CA**OPENTEXT - THE INFORMATION COMPANY** · As the Information Company, our mission at OpenText is to create software solutions and deliver services that redefine the future of digital. Be part of a winning team that leads ...
-
Business Systems Analyst
1 day ago
University of Waterloo Waterloo, CanadaOverview: · The Business Systems Analyst (Analyst) provides functional business analysis and project leadership in systems development related to student information systems and integrations of the University, while supporting major, more complex business processes. There are sev ...
-
Principal Security Analyst
1 day ago
opentext Waterloo, Canada**OPENTEXT - THE INFORMATION COMPANY** · As the Information Company, our mission at OpenText is to create software solutions and deliver services that redefine the future of digital. Be part of a winning team that leads the way in Enterprise Information Management. · **THE OPPORT ...
-
Control Analyst
12 hours ago
Manulife Waterloo, CanadaWe are a leading financial services provider committed to making decisions easier and lives better for our customers and colleagues around the world. From our environmental initiatives to our community investments, we lead with values throughout our business. To help us stand out ...
-
Geographic Information System
1 week ago
University of Waterloo Waterloo, CanadaOverview: · **Term: 7 months.** · Partners for Action (P4A) is a research initiative that seeks to empower Canadians to become flood resilient by promoting awareness and preparedness actions that are inclusive and evidence based. · P4A conducts original research and partners with ...
-
Accounting Analyst
12 hours ago
BlackBerry Waterloo, Canada Full timeWorker Sub-Type: · Regular · **Job Description**: · Accounting Analyst · **Responsibilities**: · Assist with monthly close process, including preparing and booking journal entries, ensuring accuracy and completeness. · Assist with bank account clearing and reconciliation. · Suppo ...
-
Accounting Specialist
1 week ago
Region of Waterloo Kitchener, CanadaCommitted to fostering opportunities for current and future generations, the Region of Waterloo is an inclusive, thriving, and sustainable region of connected rural and urban communities with global reach. Our mission is to serve, engage and inspire, by delivering quality service ...
-
Manager, Aml Compliance
4 days ago
Sun Life Waterloo, CanadaYou are as unique as your background, experience and point of view. Here, you'll be encouraged, empowered and challenged to be your best self. You'll work with dynamic colleagues - experts in their fields - who are eager to share their knowledge with you. Your leaders will inspir ...
-
Intermediate Tax Analyst
1 week ago
Sun Life Waterloo, CanadaYou are as unique as your background, experience and point of view. Here, you'll be encouraged, empowered and challenged to be your best self. You'll work with dynamic colleagues - experts in their fields - who are eager to share their knowledge with you. Your leaders will inspir ...
-
Principal Security Compliance Analyst
1 day ago
opentext Waterloo, Canada**OPENTEXT - THE INFORMATION COMPANY** · As the Information Company, our mission at OpenText is to create software solutions and deliver services that redefine the future of digital. Be part of a winning team that leads the way in Enterprise Information Management. · **The Opport ...
-
IT Portfolio Manager
2 days ago
opentext Waterloo, Canada**OPENTEXT** · OpenText is a global leader in information management, where innovation, creativity, and collaboration are the key components of our corporate culture. As a member of our team, you will have the opportunity to partner with the most highly regarded companies in the ...
-
Operation Analyst
1 week ago
Sun Life Waterloo, CanadaYou are as unique as your background, experience and point of view. Here, you'll be encouraged, empowered and challenged to be your best self. You'll work with dynamic colleagues - experts in their fields - who are eager to share their knowledge with you. Your leaders will inspir ...
-
Region of Waterloo Kitchener, Canada**Job Req ID**:529**Department**:Land PortfolioAssociate Director, Development and Portfolio Management (Build Waterloo Region) · **Job Number**:529**Job Type**: Full-Time · - **Temp Contract Length**: · **Location**: 150 Frederick St - Regional Admin Headquarters · - **Job Categ ...
-
Manager, Corporate Underwriting
2 days ago
Definity Financial Corporation Waterloo, CanadaJob ID : 6832 · Category : Personal Insurance · Brand : Definity · Regular/Temporary : Regular · Fulltime/Parttime : Full Time · Location : Waterloo, Canada · Definity includes some of Canada's most long-standing and innovative insurance brands, including Economical Insurance, So ...
-
Institutional Analyst
1 day ago
University of Waterloo Waterloo, CanadaOverview: · **Term: 1 Year** · Under the direction and guidance of IAP leadership, the Institutional Analyst (IA) is responsible for the development of databases, models, analyses, and reporting as well as communicating the results of analyses internal and external to IAP. The IA ...
-
Manager, Data Analytics and Reporting
1 week ago
University of Waterloo Waterloo, CanadaOverview: · The Manager, Data Analytics and Reporting (DART) in Co-operative and Experiential Education (CEE) is responsible for providing quality data, analytical support and reports, placed in its proper context, to a variety of internal and external stakeholders including, but ...
Information Security Governance Analyst - Waterloo, Canada - MCAP
Description
The Role
Reporting to the Director, Information Security & Privacy Governance, this role will contribute to governance, risk and control activities within MCAP's Information Security & Privacy programs.
Training and Education
Governance & Operations
Program Measurement/Monitoring
What You Bring To The Team