Security Analyst III

Compunnel

$90K — $120K *
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • 5+ years of experience in Information Risk management including vendor and project risk management.
  • Experience in various information security domains such as network and application security.
  • In-depth knowledge of cloud security and service models like IaaS, PaaS, and SaaS.
  • Familiarity with standards and regulations like NIST, ISO27001, GDPR, and the EU AI Act.
  • Strong communication skills to influence AI governance.
  • Analytical problem-solving abilities focused on innovative security solutions.
  • Presentation skills to engage diverse audiences.

Responsibilities

  • Conduct thorough assessments of cloud-based projects and generative AI for risk identification.
  • Develop governance frameworks for generative AI aligned with global standards.
  • Collaborate with teams to integrate risk frameworks into existing business processes.
  • Manage and prioritize tasks for timely governance assessments and updates.
  • Participate in project meetings, advising on risks and their implications.
  • Ensure peer review of all risk assessments for accuracy before distribution.
  • Support operational security activities like incident response and vulnerability management.
  • Train stakeholders on information risk assessment and security best practices.
  • Respond to audits and regulatory reviews regarding risk management.

Benefits

  • Opportunities for professional development and certification support.
  • Access to training on emerging technologies and evolving threats.
  • Collaborative work environment with cross-functional teams.
  • Engagement in cutting-edge evaluations of AI technologies.

Full Job Description

JOB SUMMARY
This Security Analyst III position is part of the Information Risk team, responsible for comprehensive information security assessments of new technologies, including generative AI. The role involves maintaining governance frameworks, ensuring compliance with security standards, and managing risks associated with cloud, on-premises, and AI-driven platforms and services. Key activities include performing risk assessments for projects, designing and implementing BAU security controls, and evaluating products for security control implementation.

Key Responsibilities
• Conduct comprehensive assessments of IaaS, PaaS, SaaS, and generative AI projects, identifying and mitigating risks.
• Develop and implement governance frameworks tailored to generative AI, ensuring alignment with global information risk assessment methodologies.
• Collaborate with cross-functional teams to integrate the Risk framework with existing processes such as architecture review, project risk management, and Business Continuity & Disaster Recovery.
• Manage priorities between tasks, ensuring timely delivery of governance assessments and updates.
• Participate in project meetings to advise on risks and impact, providing timely updates to stakeholders.
• Ensure each information risk assessment completed is peer-reviewed for completeness before distribution to stakeholders.
• Support operational security activities including segment-specific security processes (e.g., incident response, vulnerability management, firewall reviews).
• Provide training to key stakeholders around information risk assessment processes and security best practices.
• Respond to audits, regulatory reviews, risk and controls self-assessments.
• Stay informed on emerging AI technologies, evolving threats, and opportunities within the AI governance discipline.

Required Qualifications
• 5+ years of experience in Information Risk management: vendor risk management, project risk management, IT audit, or IT controls assessment.
• Experience in a combination of relevant technical disciplines in the field of Information Security: network security, application security, identity and access management, IT operations security, vulnerability management, information protection, physical security, cybersecurity.
• Deep knowledge of cloud computing security and IaaS, PaaS, or SaaS environments.
• Familiarity with laws and standards frameworks (e.g., NIST, ISO27001, GDPR, Sarbanes-Oxley, EU AI Act).
• Strong communication and influencing skills, with the ability to foster a culture of AI governance and risk management.
• Effective problem-solving and analytical skills, with an innovative approach to information security risk management culture.
• Strong presentation and facilitation skills for diverse audiences.
• Ability to build and maintain strong relationships across teams and stakeholders.
• Collaborative team player with excellent time management and organizational skills to handle multiple tasks and changing priorities.

Preferred Qualifications
• Understanding of the financial industry and its regulatory requirements is preferred.

Certifications
• Relevant professional designations (e.g., CISSP, CRISC, CISM, CISA) are a plus.
