Senior Information Security Analyst (Remote First)
Zensurance
This job is no longer accepting applications
See open jobs at Zensurance.See open jobs similar to "Senior Information Security Analyst (Remote First)" Work In Tech.IT
Toronto, ON, Canada
Posted 6+ months ago
Zensurance is a scale-up InsurTech company that is re-imagining the commercial insurance market. At Zensurance, we want to empower small businesses across Canada to thrive by offering an honest, simplified, and modern approach to insurance. Our main recipe is a combination of modern technology and insurance industry expertise powered by our talented team members.
Being a technology-forward company, we utilize various tools and platforms to create fun, engaging and meaningful work experiences for our employees, as a remote-first company.
We are boldly going where no insurance broker has gone before!
Zensurance is growing, and we are looking for a Senior Information Security Analyst to join our IT team!
The IT team supports Zensurance and its team members with a full life-cycle of technology support (from on-boarding - to off-boarding). The team also supports and works closely with every team across Zensurance in providing technical support, implementation of technologies, and guidance for programs and initiatives related to their department.
Reporting to the IT Manager, you will be responsible for supporting our company-wide information security management program to ensure that information assets are adequately protected.
You will proactively work with Zensurance business units to implement practices that meet defined policies and standards for information security. This role also assists in a variety of IT-related risk management activities and includes the day-to-day support of various information security programs and initiatives.
As an individual contributor and a senior professional, you will work closely with the IT Manager, coach and mentor others across the organization.
This is a remote-first role within the GTA. #LI-Remote
Responsibilities
- Facilitate information security governance through the support of a hierarchical governance program, including being a major stakeholder of the information security steering committee or advisory board.
- Maintain and publish up-to-date information security policies, standards and guidelines.
- Support the information security and risk management awareness training programs for all employees, contractors and approved system users.
- Work directly with the business units to facilitate IT risk assessment and risk management processes, and work with stakeholders throughout the enterprise on identifying acceptable levels of residual risk.
- Provide regular reporting on the current status of the information security program as part of a strategic enterprise risk management program.
- Support security incidents and events to protect corporate IT assets, including intellectual property, regulated data and the company's reputation.
- Monitor the external threat environment for emerging threats, and advise relevant stakeholders on the appropriate courses of action.
- Support effective disaster recovery policies and standards to align with enterprise business continuity management program goals.
- Assist in the implementation plans and procedures to ensure that business-critical services are recovered in the event of a security event.
- Facilitate a metrics and reporting framework to measure the efficiency and effectiveness of the program.
- Assist resource owners and IT staff in understanding and responding to security audit failures reported by auditors.
- Liaise with the enterprise architecture team to ensure alignment between the security and enterprise architectures, thus coordinating the strategic planning implicit in these architectures.
- Help manage security issues and incidents, and participate in problem and change management forums.
- Help maintain a knowledge base comprising a technical reference library, security advisories and alerts, information on security trends and practices, and laws and regulations.
- Design, coordinate and oversee security-testing procedures to verify the security of systems, networks and applications, and manage the remediation of identified risks.
- Perform other duties as assigned.
Requirements
- University degree or college diploma in a recognized technical, vocational or academic program (preferably in InfoSec or Cyber Security) or equivalent work experience.
- 5+ years working in Information Security, preferably in an agile and fast paced environment.
- Experience in working with, documenting, and implementing Cloud security controls for AWS or similar Cloud providers.
- Experience facilitating implementation and execution of policies and processes across an organization.
- Experience translating stakeholder expectations in technical requirements.
- Experience writing and adapting cyber security policies, auditing and performing security gap analyses.
- Experience with common information security management frameworks and compliance standards, such as the CIS Controls v8, NIST, ISO 27001, SOC 2, PIPEDA, PCI.
- Able to communicate efficiently with stakeholders, both verbally and written.
- Experience working with legal, audit and compliance staff.
- Experience with Security platforms such as Crowdstrike or Mimecast.
- Proficiency with Google Workplace, Zoom, Slack and Microsoft Office (Excel and Word).
- Security certifications such as CISSP, CISA, CISM, GIAC, CBCP, MBCI, or similar are considered an asset.
- Track record of successful time management and analytical skills.
- Track record of showcasing technical leadership skills.
Perks we offer at Zensurance:
• Opportunity to work for Canada’s fastest-growing #insurtech scale-up
• Primarily remote work environment available to everyone
• Laptop, extra monitor and main accessories are provided
• Extra home office and supplies allowance to help with work-from-home set up
• Comprehensive and flexible health and dental plans to suit all lifestyles, including mental health
• Health/Personal Spending Accounts to subsidize your healthy habits and purchases
• Parental Leave Top Up
• Work from anywhere opportunities up to 60 days per occurrence
• Weekly Friday companywide huddles for casual catch-ups with other departments
• Build next-level relationships with your peers through scheduled companywide virtual and in-person team-building events
• Be a part of something special. We are confident you won’t find any other insurance company like us :)
Who we are. What we're building.
Business is hard work, insurance doesn’t have to be!
At Zensurance we believe that teamwork makes the dream work.
We are passionate about providing business owners with the best insurance solutions at great rates through an online and easy-to-use platform.
Our secret sauce is all about our culture. Here at Zensurance our culture is built on four core values that we live and breathe daily. They are:
INTEGRITY: We do what's right.
INCLUDE: We are an open and safe space for all.
INVENT: We take an innovative approach to creating straightforward solutions for our customers.
DELIVER: We set ambitious goals and hold ourselves accountable for achieving them.
Zensurance celebrates diversity in its workforce structure and encourages applications from all backgrounds.
Zensurance is an inclusive employer that celebrates diversity in its workforce structure. We encourage applications from all qualified candidates and will accommodate applicants’ needs under the respective provincial human rights codes throughout all stages of the recruitment and selection process. Please advise the recruiter if you require accommodation; to ensure your accessibility needs are accommodated throughout this process. Information received relating to accommodation will be addressed confidentially.
We understand that looking for a new exciting opportunity can be time-consuming. We truly appreciate your time in going through the job posting and applying for a position with us.
This job is no longer accepting applications
See open jobs at Zensurance.See open jobs similar to "Senior Information Security Analyst (Remote First)" Work In Tech.
