Security Analyst - Ezra
Job Role: Security Analyst, Ezra
Location: Toronto, Canada
Start Date: September 2021
Who we are
Imagine what even the world’s finest organizations could achieve if all of their employees were coached to be their absolute best.
At Ezra, we’re on a mission to do just that. We believe through coaching, people get to know themselves. Their goals. Weaknesses. Hang-ups. And once they know all that, they can build on the good stuff and work on the rest.
This mindset applies not only to our clients, but is manifested in our own Ezra family. We believe we are changing people’s lives. We believe a happy team is a productive team. We want our people to care and be proud of what they do. We also practice what we preach – every member of our teams gets to experience the superpower that is coaching for themselves, amongst some other pretty incredible perks.
Ezra is the fastest growing global virtual coaching company, supporting some of the world’s leading companies. If all of this resonates, Ezra just might be the place for you.
As a Security Analyst you will work within multiple teams to ensure that information security risks are managed effectively and prevent security issues from hindering delivery. You will advise on proportionate approaches to security in an agile delivery environment and help products to be delivered by advising teams and the business on risk management.
You will be responsible of fill out vendor security assessments for our costumers and be the person responsible for remediation and security improvement suggestions.
The role of the Security Analyst is not limited to, but includes working with the digital and product teams to:
- Act as a technical liaison between the Security department and our product, engineering, support, and operations staff.
- Ensure that information assurance is addressed throughout product lifecycles
- Provide direct support to the business and IT staff for security-related issues.
- Provide risk management advice & develop risk management techniques
- Communicate risk and information assurance matters with other business areas
- Advise on and produce policies around handling information
- Work with internal/external auditors to answer questions and prepare Ezra for future certifications.
You will be part of the Technology and Operations Team, reporting to the Technical Operations Director.
What You’ll Do
- Provide hands-on information assurance and risk management advice to Digital products developed with agile methodologies and continuous integration.
- Within the Enterprise Risk Management process, perform a constant and continuous assessment and/or review of IT risks, assessing the effectiveness of the mitigation controls in place and proposing new ones to further reduce the residual risk
- Work with the product manager to understand and manage risk for new and existing services
- Assist with building a culture of continuous delivery and improvement, ensuring that key systems are regularly risk assessed, maintained and improved
- Work closely with other areas to spread good practice around information assurance and risk management
- Ability to carry out risk assessments and risk management
- Create concise and comprehensive reports related to security violations, including recommendations for addressing any identified control weaknesses
- Methodically conduct system audits to verify compliance with adopted processes, policies and standards
- Be an advocate of security awareness, enjoy staying on top of cyber security trends and incorporate best
- A bachelor’s degree in an IT-related field or equivalent amount of experience and/or training
- Strong background in security operations, processes, solutions and technologies
- Strong understanding of policy, compliance, and best practice security principles
- Basic understanding of risk concepts including risk identification, evaluation, mitigation and measurement
- Awareness of auditing standards and, industry guidelines and laws and privacy
- Awareness of information security models
- An interest in cyber security
- Highly self-motivated, self-directed, professional and reliable
- Ability to effectively prioritize and execute tasks in a high-pressure environment
- Ability to present ideas in business-friendly and user-friendly language
- Very strong customer service orientation
- Excellent written, oral, interpersonal, and presentational skills
- Experience working with cloud-based systems
- ITIL v3 certification, CISSP, CISA, CISM or similar certification preferred
- Knowledge of relevant legal and regulatory requirements
- Knowledge of common information security management frameworks
- Experience with enterprise risk assessment methodologies
What we offer
- Your own world class coach
- Regular team social events
- Flexible working
- Contribution to a wellbeing app (think meditation, fitness, sleep!)
- A weekly wellbeing hour and much more!
- Competitive benefit package
We are an equal opportunity employer dedicated to having a thriving, diverse team where everyone has a voice and feels able to be themselves. We believe that through valuing our uniqueness and respecting our differences, we can achieve more and that diversity adds to our culture. Attracting and developing a diverse workforce that reflects the communities in which we serve is essential to us.