Senior Analyst, IT Security
Location : Saint-Eustache, Quebec
Headquarters : Springfield, Tennessee, United States
Hiring Mode : Full Time
Experience : Senior Level
Senior Analyst, IT Security
- The Senior Analyst, IT Security is responsible for assessing the risks associated with information technology and contributing to the remediation of the vulnerabilities identified in terms of IT security and risks for the entire company. .
- It assesses risks relating to information and promotes the remediation of vulnerabilities identified in Bain Magique's network, systems and applications. It presents the results and recommendations for corrective measures. It performs vulnerability scans as needed using IT security tools and approaches.
- It assesses the status of the computer network, systems and software applications with respect to IT security / risk, as well as the supplier management program. It identifies ways to reduce risk and presents remedial options related to accepting or reducing risk scenarios.
- He collaborates and monitors the execution of tasks related to risk remediation, changes related to risk reduction and reports presenting findings. It ensures the monitoring of the IT platform and the systems and applications of the suppliers. It produces weekly reports on the progress of projects and responds to outstanding questions. The Senior Analyst, IT Security collaborates in all IT audits, IT risk assessments and compliance with applicable standards
- Take responsibility for maintaining PCI-DSS compliance;
- Provide advice and oversee the IT security program in accordance with best market practices (NIST, CIS, PCI-DSS, Miter ATTandamp; CK);
- Ensure that the various IT initiatives are carried out in accordance with our IT security program;
- Manage relationships with external cybersecurity partners;
- Review cybersecurity reports and make corrections;
- Check the security of infrastructure hosted on the cloud and make recommendations;
- Define, write, update and communicate the company's IT security policies;
- Act as a technical expert with regard to computer security;
- Act as project manager / leader for IT security related projects.
- Control security access;
- Perform security assessments using vulnerability testing and risk analysis;
- Perform internal and external security audits;
- Analyze security breaches to determine their causes;
- Maintain business incident response and disaster recovery plans;
- Verify the security of external suppliers and collaborate with them to meet security requirements;
- Actively contribute to the development and evolution of the cybersecurity training and awareness program for employees;
- Revise and produce technical documentation from time to time;
- Implement, maintain and update Industry 4.0 (IOT) security.
- Bachelor's degree in computer and electronic systems, computer science, information systems management and security or a similar field or a combination of education and experience.
- 7 to 10 years of experience in computer security or information security with a real ability to collaborate with senior executives and authorities.
- A minimum of 4 years of experience in managing corporate IT security controls.
- A minimum of 4 years of experience performing IT compliance assessments.
- Good knowledge of technical infrastructure, networks, databases and systems in relation to IT security and risks.
- Professional certification Certified Information Systems Security Professional (CISSP) or similar certification.
- Experience in performing security reviews and risk assessments preferably.
- Technical experience in managing security in a multi-user environment.
- Good understanding of industry safety standards practices.
- Excellent oral and written communication skills, in French and English.
- Profound listening skills and excellent interpersonal skills.
- Team spirit, capacity for collaboration, flexibility and adaptation.
- Strong analytical and problem solving skills.
- Ability to work well under pressure, prioritize tasks and be well organized.