Data Security Analyst - Edmonton, Canada - CWB Financial Group

CWB Financial Group

Verified Company

Edmonton, Canada

1 day ago

Posted by:

Sophia Lee

beBee Recruiter

Description

At

CWB
, we strive to build value for the people who choose us every day: our people, our clients and our investors

We do this by:

Putting people first and building relationships with intention
Seeking out and embracing new ideas
Believing that how we do things is as important as what we do

Data Security Analyst

Role Specifications

Everyday flexibility. Hybrid work environments. Collaborative connection.

CWB Corporate

Put a new _spin _on your banking career

The overwhelming majority of our employees say
CWB is a Great Place to Work_

We're different from the big banks in _the way_ we engage our employees - caring, responsive, and armed with an obsession for growing talent.

Our reputation is powered by a people first culture that ensures our employees be and feel heard, promotes inclusivity and diverse viewpoints, and inspires collaboration and innovation.

Our employees love
CWB. You'll love it here too._

The opportunity

CWB data is an important asset.

Taking into consideration the rise of global cyber security incidents and its direct impact to branding and reputation,
CWB Financial Group is committed to developing and implementing policies, processes, and technologies to manage data security proactively and effectively for our business, our clients, and our employees.

The Data Security analyst is a member of the Data Protection team, within
CWB's Information Security Office (ISO) and will be responsible for the implementation and day-to-day operations of modern-day, industry-leading data security and data loss prevention technologies.

Specific Accountabilities

Accountability #- Data Protection Assist with day-to-day activities of the Data Protection team, as they relate to ongoing data discovery, Cloud Access Security, Information Rights Management, and Enterprise' storage strategies. Support Business Units by ensuring business-to-security alignment.- Identify opportunities from the perspectives of people, processes, and technology while ensuring the highest level of confidentiality, integrity, and availability of information assets.- Participate in educating the company and its employees about data protection and privacy best practices.- Execute procedures, perform detailed data analysis, root cause analysis, document results, suggest improvements for operational efficiencies, identify opportunities to reduce risk and document remediation options regarding acceptance or mitigation of risk scenarios relevant to data protection.- Contribute to the development and execution of Incident Response (IR) plans and playbooks, as needed.

Accountability #- Data Loss Prevention- Assist in the enhancement and development of operational procedures to leverage cloud-based technologies for the purpose of ongoing monitoring and continuous protection of data.- Recommend and facilitate the implementation of technical controls to support and enforce defined security policies.- Aid with Security Incidents and Investigations.- Collaborate closely with the Identity & Access Management team to ensure access to data is provisioned to our centralized identities, on a need-to-know basis.

Skills and competencies that will take you further

Education- Post secondary diploma in the field of Computing Science, Information Systems Security, or equivalent experience- Required: CompTIA Security+, (ISC)2 Entry-Level Cybersecurity Certification, System Security Certified Practitioner (SSCP) or commitment to obtain within the first two years of employment

Professional Experience- Information Technology Experience: A minimum of 5 years of experience in Information Technology with at least two (2) of those years in an Information Security domain

Data Protection and Governance:

At least 2 years of experience in administering data protection controls, data governance, regulatory requirements, PII and privacy protection, data risk assessment and data loss prevention policies

Data Asset Management:

Actively contribution to defining data asset, including discovery and inventory, data flows, data lineage, infrastructure mapping, data stewardship and classification

Microsoft 365 Experience:

Prior experience in Microsoft 365's Purview Information Protection would be beneficial

Data Lifecycle Management:

Participation in end-to-end Data lifecycle management

Encryption and Anonymization:

Solid understanding of encryption and anonymization, masking methods, hashing, tokenization, and key management (DKE, PGP, PKI, CKM, BYOK etc.).- Prior experience working with Data Governance Platforms or Data Trust products for discovering, managing, and protecting structured data would be beneficial.- Applicable understanding of data encryption capabilities (i.e., field level encryption, file level encryption).

- Scripting and automation skills: Proficiency in scripting and automation