Entrust Datacard Security Risk Analyst in Ottawa, Ontario
Security Risk Analyst REQ# 5424
Our growing company relies on curious, dedicated and innovative colleagues to anticipate the future and provide solutions for a more connected, mobile and secure world. Entrust Datacard technologies and expertise help government agencies, enterprises and financial institutions in more than 150 countries serve and safeguard citizens, employees and consumers. Each year, our solutions secure billions of transactions — and every day, our technologies issue and manage more than 10 million secure identities. How do we do all of this? Together.
Join us. Together we’ll create solutions for a more connected, mobile and secure life.
For more information, visit www.entrustdatacard.com. Follow us on Twitter, YouTube and LinkedIn.
Entrust Datacard is seeking an individual that will show strong leadership qualities in the areas of Security Governance, Risk, Compliance and Policy across the organization. This position works as part of a security team responsible for ensuring that the company's information resources are secure from unauthorized access, protected from inappropriate alteration, physically secure, and available to users in a timely fashion. This position demands an organized, action oriented team player with the ability to prioritize daily work and support on multiple initiatives simultaneously; strong communication and customer focus is required.
- Provide support for IT projects, identifying risk specific to the project and actions necessary for remediation
- Supports the development, implementation, and management of security policies and procedures to ensure they remain aligned with business objectives and meet regulatory requirements
- Conduct security risk assessments and IT audit, and manages risk tracking and remediation
- Track audit observations/action items and provide a Plan of Actions and Milestones (POAM) for corrective action(s)
- Act as a conduit for project related security requests to ensure requests meet approved design
- Familiar with ISO 27001:2013, with experience managing an and maturing an Information Security Management System
- Define information security strategies and procedures
- Act as project leader on information security projects of short to moderate duration
- Understand and articulate information security strategy, policy and procedures and their implications to the organization.
- Validate policies/standards and procedures with focus on identifying and remediating gaps in policy and procedures and inconsistencies across the organization
- Monitor the implementation of mitigating controls and their impact in reducing security risk scores
- Research information security standards; conduct system security and vulnerability analysis and risk assessments across the corporate IT landscape
- Guide and mentor less experienced information security team members
- Update job knowledge by tracking and understanding emerging security practices and standards
- 3-5 years related experience in Information Security Risk Management
- Experience with risk assessments, internal controls, business process and internal IT control testing or operational auditing
- Experience conducting Business Impact Analysis and Threat Risk Assessment.
- Excellent communication and written skills along with experience preparing reports for senior executives
- Proven understanding of Enterprise Network devices (i.e. routers, switches, firewalls)
- Proven understanding of Operating platforms (i.e. UNIX , Linux and Microsoft)
- Proven understanding of results from the following set of tools, to include but not limited to: NESSUS, WebInspect
- Experience preparing and testing IT Contingency Plans
- Familiarity with security industry standards (ISO 17799, ISO 27001:2013, NIST 800 series, etc.)
- Strong organizational skills
- Keen attention to detail
- Bachelor’s degree in Information Systems, Computer Science
- SSL Certificate knowledge
- Experience with eGRC tools and processes
- ITSM/ITIL knowledge
- Security clearance
- Risk related certifications (e.g. CISM, CISA, CRISC, CISSP, CIPP) a plus
About Entrust Datacard:
*Our growing company relies on curious, dedicated and innovative colleagues to anticipate the future and provide solutions for a more connected, mobile and secure world. Entrust Datacard technologies and expertise help government agencies, enterprises and financial institutions in more than 150 countries serve and safeguard citizens, employees and consumers. Each year, our solutions secure billions of transactions — and every day, our technologies issue and manage more than 10 million secure identities. How do we do all of this? *Together.__
Entrust Datacard encourages applications from all qualified candidates. _ Contact Nicole Mair at_ email@example.com or 613-270-3490 if you need accommodation at any stage of the application process or want more information on our accommodation policies.
Entrust Datacard Corporation is an EOE/AA/Veteran/People with Disabilities employer.
NO AGENCIES, NO RELOCATION
Job Title: Security Risk Analyst
Job ID: 5424
Location: Canada: Ottawa, Ontario
Full/Part Time: Full-Time