Information Technology Security Analyst
About the role
Location Address: Downtown Toronto or Scarborough – onsite 2x/week (hybrid) Contract Duration: 6 months Possibility of extension Number of Positions: 1 Schedule Hours: 9am-5pm Monday-Friday; standard 37.5 hrs/week (Possible OT) Reason: backfill
Typical Day in Role: The incumbent is responsible for supporting the Senior Manager, Director, CIO, and CSO in achieving enterprise security strategic goals through various processes, including: Contribute to the success of our cloud transformation by supporting the review and triage of the findings flagged by Cloud-Native Application Protection Platforms (CNAPP). Develop and/or enhance strategies and processes to manage the security vulnerabilities and threats for cloud-native applications. Develop and/or enhance reporting to development teams, and all levels of management to provide proper tracking and measurement of remediation relative to established objectives. Leverage AI-assisted capabilities to support the triage and prioritization of CNAPP findings, improving signal-to-noise ratio and accelerating identification of true risk across cloud environments. Collaborate with stakeholders across the Bank — you will work closely with Development and Engineering, DevOps, Cloud, Application Security, and other application owner teams across the organization to deliver Cloud Security capabilities for the Bank. Utilize AI-driven insights and tooling to analyze cloud misconfigurations, identify root causes, and recommend effective remediation strategies. Review and recommend remediations for Cloud Workload Protection Platform (CWPP) vulnerabilities, and Cloud Security Posture Management (CSPM) findings. Recommend, design, implement, deploy, and maintain Application Security controls required to protect Scotiabank and its customers. Responsible for adherence to an established process flow that ensures development support teams, infrastructure support teams, and business risk owners implement control measures that effectively mitigate or eliminate the identified risk. Understand how the Bank’s risk appetite and risk culture should be considered in day-to-day activities and decisions
Candidate Requirements/Must Have Skills:
- 10+ years’ relevant working experience in IT (development, DevOps, cloud security etc.)
- 4+ years’ experience with popular CI/CD tools and processes like BitBucket/GitHub, Jfrog Artifactory, Jenkins, Azure DevOps, GitLab CI/CD, CircleCI.
- 2+ years’ experience with Cloud Security domains like CNAPP, CWPP, CSPM and/or tools like SCCE, CrowdStrike, Prisma Cloud, Aqua Enterprise, MS Defender etc.
- 5+ years’ experience with documenting process, procedure, and user guide.
Nice-To-Have Skills:
- GCP PCSE Certification
- experience with large organization cloud transformation.
- experience as a DevSecOps Engineer, with demonstrated experience in security integration, automation of security processes, risk assessment and mitigation. -GCP/Azure experience
Best VS. Average Candidate: -an individual who comes with strong experience but is eager to learn with the team -experience with large organization cloud transformation -experience with GCP and/or Azure
Candidate Review & Selection 1 round -Technical Interview (experience/scenario based questions) -HM/Technical Lead + Cloud security specialist – MS Teams Video – 1 hr
Not the right fit? Search for Information Technology Security Analyst jobs in Toronto, Ontario, Canada
About Delpath
Delpath is an Information Technology Consulting, Delivery & Staffing organization. We commission & deliver small to large size Technology Projects in the Greater Toronto Area across diverse business domains.
Delpath offers innovative workforce solutions that connects human talent with the brightest businesses in our communities.
We know that people matter, and it is what makes or breaks a great organization. We aim to help our clients create a workplace that embraces diversity in all forms. Our teams are our greatest asset.
Similar Jobs
Information Technology Security Analyst
About the role
Location Address: Downtown Toronto or Scarborough – onsite 2x/week (hybrid) Contract Duration: 6 months Possibility of extension Number of Positions: 1 Schedule Hours: 9am-5pm Monday-Friday; standard 37.5 hrs/week (Possible OT) Reason: backfill
Typical Day in Role: The incumbent is responsible for supporting the Senior Manager, Director, CIO, and CSO in achieving enterprise security strategic goals through various processes, including: Contribute to the success of our cloud transformation by supporting the review and triage of the findings flagged by Cloud-Native Application Protection Platforms (CNAPP). Develop and/or enhance strategies and processes to manage the security vulnerabilities and threats for cloud-native applications. Develop and/or enhance reporting to development teams, and all levels of management to provide proper tracking and measurement of remediation relative to established objectives. Leverage AI-assisted capabilities to support the triage and prioritization of CNAPP findings, improving signal-to-noise ratio and accelerating identification of true risk across cloud environments. Collaborate with stakeholders across the Bank — you will work closely with Development and Engineering, DevOps, Cloud, Application Security, and other application owner teams across the organization to deliver Cloud Security capabilities for the Bank. Utilize AI-driven insights and tooling to analyze cloud misconfigurations, identify root causes, and recommend effective remediation strategies. Review and recommend remediations for Cloud Workload Protection Platform (CWPP) vulnerabilities, and Cloud Security Posture Management (CSPM) findings. Recommend, design, implement, deploy, and maintain Application Security controls required to protect Scotiabank and its customers. Responsible for adherence to an established process flow that ensures development support teams, infrastructure support teams, and business risk owners implement control measures that effectively mitigate or eliminate the identified risk. Understand how the Bank’s risk appetite and risk culture should be considered in day-to-day activities and decisions
Candidate Requirements/Must Have Skills:
- 10+ years’ relevant working experience in IT (development, DevOps, cloud security etc.)
- 4+ years’ experience with popular CI/CD tools and processes like BitBucket/GitHub, Jfrog Artifactory, Jenkins, Azure DevOps, GitLab CI/CD, CircleCI.
- 2+ years’ experience with Cloud Security domains like CNAPP, CWPP, CSPM and/or tools like SCCE, CrowdStrike, Prisma Cloud, Aqua Enterprise, MS Defender etc.
- 5+ years’ experience with documenting process, procedure, and user guide.
Nice-To-Have Skills:
- GCP PCSE Certification
- experience with large organization cloud transformation.
- experience as a DevSecOps Engineer, with demonstrated experience in security integration, automation of security processes, risk assessment and mitigation. -GCP/Azure experience
Best VS. Average Candidate: -an individual who comes with strong experience but is eager to learn with the team -experience with large organization cloud transformation -experience with GCP and/or Azure
Candidate Review & Selection 1 round -Technical Interview (experience/scenario based questions) -HM/Technical Lead + Cloud security specialist – MS Teams Video – 1 hr
Not the right fit? Search for Information Technology Security Analyst jobs in Toronto, Ontario, Canada
About Delpath
Delpath is an Information Technology Consulting, Delivery & Staffing organization. We commission & deliver small to large size Technology Projects in the Greater Toronto Area across diverse business domains.
Delpath offers innovative workforce solutions that connects human talent with the brightest businesses in our communities.
We know that people matter, and it is what makes or breaks a great organization. We aim to help our clients create a workplace that embraces diversity in all forms. Our teams are our greatest asset.