More jobs:
Information Security Analyst; AI/First Line of Defense WTL
Job Description & How to Apply Below
Location: Southwestern Ontario
Information Security Analyst (AI / First Line of Defense)
Take part in meaningful technology and security initiatives focused on cloud environments, information risk, and AI governance. This role offers a mix of strategic and hands‑on responsibilities in a collaborative hybrid work environment.
What is in it for you:- Salaried: $55-65 per hour.
- Incorporated Business Rate: $65-75 per hour.
- 6-month contract with the potential for permanent employment.
- Full‑time position: 37.50 hours per week.
- Monday to Friday, from 9 am to 5 pm.
- Hybrid work arrangement (3 days on‑site).
- Based in Toronto or Waterloo, Ontario.
- Perform information risk assessments for projects, technologies, and generative AI initiatives by identifying risks, defining controls, and tracking control implementation.
- Conduct comprehensive assessments of IaaS, PaaS, SaaS, and generative AI projects, identifying and mitigating associated risks.
- Develop and implement governance frameworks for generative AI aligned with global information risk assessment methodologies.
- Collaborate with cross-functional teams to integrate risk frameworks with architecture reviews, project risk management processes, and business continuity and disaster recovery activities.
- Design, document, and implement business‑as‑usual security controls applicable to cloud‑based infrastructure, platforms, and services.
- Evaluate products for implementing security controls in cloud and on‑premises environments.
- Manage competing priorities to ensure timely completion of governance assessments and updates.
- Participate in project meetings to provide guidance on risks, impacts, and security considerations, while delivering timely updates to stakeholders.
- Ensure all information risk assessments are peer‑reviewed for completeness before distribution to stakeholders.
- Support operational security activities, including incident response, vulnerability management, and firewall reviews.
- Deliver training to stakeholders on information risk assessment processes and security best practices.
- Respond to audits, regulatory reviews, risk and control self‑assessments, and related inquiries.
- Stay informed about emerging AI technologies, evolving threats, and developments in AI governance.
- Degree in Computer Science, Information Technology, Data Science, Business Administration, or equivalent educational and professional experience.
- Professional certifications such as CISSP, CRISC, CISM, or CISA are considered an asset.
- 5 years of experience in Information Risk Management, including vendor risk management, project risk management, IT audit, or IT controls assessment.
- Experience across multiple information security disciplines, including network security, application security, identity and access management, IT operations security, vulnerability management, information protection, physical security, and cybersecurity.
- Deep knowledge of cloud computing security and IaaS, PaaS, and SaaS environments.
- Familiarity with regulatory and security frameworks such as NIST, ISO 27001, GDPR, Sarbanes‑Oxley, and the EU AI Act.
- Understanding of the financial services industry and its regulatory requirements is preferred.
- Strong communication and influencing skills with the ability to promote AI governance and risk management practices.
- Strong presentation and facilitation skills for a variety of audiences, including senior leadership.
- Excellent problem‑solving and analytical abilities, with an innovative approach to information security risk management.
- Proven ability to build and maintain effective relationships with stakeholders and cross‑functional teams.
- Strong organizational and time management skills, with the ability to manage multiple priorities in a changing environment.
- Collaborative team player with strong interpersonal skills and a proactive mindset.
- Passion for advancing AI governance and information security practices.
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
Search for further Jobs Here:
×