About the role
Permanent Full Time
The Information Security Analyst is part of the Project Security team, working with IT, project, and business partners to help them understand and manage information security threats and assess controls. The role also supports the delivery of project before Transition to Production(T2P) to support line of business (LoB) teams across Canada including project engagements, threat risk assessments, security exceptions, security consultations, and more.
This role reports to the Manager, Project Security within the Information Security Technology Risk group. In addition to the general accountabilities below, we are particularly interested in hearing from candidates with the following specialties:
What you will do
- Focused on providing information security consultation and completing security due diligence throughout the project lifecycle to project, business, and IT stakeholders.
- Provide expert security guidance to project teams to address appropriate controls in projects and initiatives.
- Ensure the safeguarding and protection of Canada Life's confidential information through identifying security controls that prevent accidental disclosure, modification, or destruction of data, while enhancing the organization's overall security posture.
- Conducting information security due diligence (e.g. Threat Risk Assessment (TRA) and Threat modeling) as needed.
- Research evolving threats and security findings and provide recommendations to project teams.
- Collaborate with the Security team documenting findings in reports.
- Strong desire to work collaboratively in an unconventional and non-linear way to problem solve unique solutions.
- Collaborate with Canada Life’s different lines of business and produce quality deliverables with outcomes oriented to drive change in ambiguous situations.
- Work proactively with internal stakeholders to understand their needs and deliver creative solutions.
- Strive for continuous learning and can influence others.
- Balance competing deadlines while ensuring projects meet their go-live date.
- Review vulnerability reports to identify security weaknesses on systems and help stakeholders understand controls that are appropriate to mitigate risks. Examples of these types of reports include:
-
- Static Application Security Testing (SAST)
- Dynamic Application Security Testing (DAST)
- Interactive Application Security Testing (IAST)
- Software Composition Analysis (SCA)
- Penetration Testing results
- Support any other departmental objectives as required.
What you will bring
- Post-secondary degree in Business, Technology or related discipline or an equivalent combination of education and related experience.
- At least 5 years of experience in Information Security and/or Information Technology (IT)
- Nice to have professional designations include Sec+, CC, CCSP, CISM, CISA, and other similar certifications.
- Proven experience in interpreting and consulting on Information Security and IT principles, protocols, practices, and industry standards with different stakeholder groups.
- Extensive knowledge of security assessments and due diligence, including understanding various attack/threat vectors and determining corresponding security controls to mitigate risks.
- Strong technical background with exposure to multiple aspects of information technology, such as networks, servers, application development, architecture, storage, cloud technologies, Automation and AI.
- In-depth understanding of existing and emerging Information Security technologies, which relate to encryption, network/web application firewalls, IDS/IPS, advanced malware protection, DDoS, DLP, and SIEM systems, etc.
- Strong knowledge of cloud security and cloud-based technologies, particularly AWS and Azure.
- Familiarity with IT control frameworks such as SOC, ISO 27001, NIST Cybersecurity Framework (CSF), and the Secure Controls Framework (SCF).
- Working knowledge of IT review and testing processes.
- A proactive self-starter who excels with minimal supervision, possesses strategic thinking abilities, and is skilled in negotiation and consensus building.
The base salary for this position is between $minimum - $ maximum annually. This represents base salary only and does not represent other variable compensation components of our total compensation ( i.e. annual bonus, commission etc). If you are selected to move forward in our recruitment process, your recruiter will be able to discuss additional details of our total rewards program with you.
Career opportunities will be open a minimum of 5 business days from the date of posting, closing dates will vary depending on the search activity. All applications received will be reviewed on a rolling basis.
Be your best at Canada Life- Apply today!
Being a part of Canada Life means you have a voice. This is a place where your unique background, perspectives and talents are valued, and shape our future success.
You can be your best here. You’re part of a diverse and inclusive workplace where your career and well-being are championed. You’ll have the opportunity to excel in your way, finding new and better ways to deliver exceptional customer and advisor experiences.
Together, as part of a great team, you’ll deliver on our shared purpose to improve the well-being of Canadians. It’s our driving force. Become part of a strong and successful company that’s trusted by millions of Canadians to do the right thing.
Canada Life serves the financial security needs of more than 13 million people across Canada, with additional operations in Europe and the United States. As members of the Power Financial Corporation group of companies, we’re one of Canada’s leading insurers with interests in life insurance, health insurance, investment and retirement savings. We offer a broad portfolio of financial and benefit plan solutions for individuals, families, businesses and organizations.
We are committed to providing an inclusive, accessible environment, where all employees and customers feel valued, respected and supported. We are dedicated to building a workforce that reflects the diversity of the communities in which we live, and to creating an environment where every employee has the opportunity to reach their potential.
It is our priority to remove barriers to provide equal access to employment. A Human Resources representative will work with applicants who request a reasonable accommodation during the application process. All information shared during the accommodation request process will be stored and used in a manner that is consistent with applicable laws and Canada Life policies. To request a reasonable accommodation in the application process, contact talentacquisitioncanada@canadalife.com.
Canada Life would like to thank all applicants, however only those who qualify for an interview will be contacted.
#LI-Hybrid
About Canada Life
At Canada Life, we’re focused on improving the financial, physical and mental well-being of Canadians. Whether handling policy claims, help growing and protecting clients’ retirement and investment savings, providing workplace mental health support for all employers or helping build stronger communities by investing in community projects, we are committed to putting the customer first in all that we do.
That trust is built on the dedication, skill and energy of our employees and advisors and their commitment to our customers and to our communities.
Canada Life is a subsidiary of Great-West Lifeco Inc. and is a member of the Power Corporation group of companies.
About the role
Permanent Full Time
The Information Security Analyst is part of the Project Security team, working with IT, project, and business partners to help them understand and manage information security threats and assess controls. The role also supports the delivery of project before Transition to Production(T2P) to support line of business (LoB) teams across Canada including project engagements, threat risk assessments, security exceptions, security consultations, and more.
This role reports to the Manager, Project Security within the Information Security Technology Risk group. In addition to the general accountabilities below, we are particularly interested in hearing from candidates with the following specialties:
What you will do
- Focused on providing information security consultation and completing security due diligence throughout the project lifecycle to project, business, and IT stakeholders.
- Provide expert security guidance to project teams to address appropriate controls in projects and initiatives.
- Ensure the safeguarding and protection of Canada Life's confidential information through identifying security controls that prevent accidental disclosure, modification, or destruction of data, while enhancing the organization's overall security posture.
- Conducting information security due diligence (e.g. Threat Risk Assessment (TRA) and Threat modeling) as needed.
- Research evolving threats and security findings and provide recommendations to project teams.
- Collaborate with the Security team documenting findings in reports.
- Strong desire to work collaboratively in an unconventional and non-linear way to problem solve unique solutions.
- Collaborate with Canada Life’s different lines of business and produce quality deliverables with outcomes oriented to drive change in ambiguous situations.
- Work proactively with internal stakeholders to understand their needs and deliver creative solutions.
- Strive for continuous learning and can influence others.
- Balance competing deadlines while ensuring projects meet their go-live date.
- Review vulnerability reports to identify security weaknesses on systems and help stakeholders understand controls that are appropriate to mitigate risks. Examples of these types of reports include:
-
- Static Application Security Testing (SAST)
- Dynamic Application Security Testing (DAST)
- Interactive Application Security Testing (IAST)
- Software Composition Analysis (SCA)
- Penetration Testing results
- Support any other departmental objectives as required.
What you will bring
- Post-secondary degree in Business, Technology or related discipline or an equivalent combination of education and related experience.
- At least 5 years of experience in Information Security and/or Information Technology (IT)
- Nice to have professional designations include Sec+, CC, CCSP, CISM, CISA, and other similar certifications.
- Proven experience in interpreting and consulting on Information Security and IT principles, protocols, practices, and industry standards with different stakeholder groups.
- Extensive knowledge of security assessments and due diligence, including understanding various attack/threat vectors and determining corresponding security controls to mitigate risks.
- Strong technical background with exposure to multiple aspects of information technology, such as networks, servers, application development, architecture, storage, cloud technologies, Automation and AI.
- In-depth understanding of existing and emerging Information Security technologies, which relate to encryption, network/web application firewalls, IDS/IPS, advanced malware protection, DDoS, DLP, and SIEM systems, etc.
- Strong knowledge of cloud security and cloud-based technologies, particularly AWS and Azure.
- Familiarity with IT control frameworks such as SOC, ISO 27001, NIST Cybersecurity Framework (CSF), and the Secure Controls Framework (SCF).
- Working knowledge of IT review and testing processes.
- A proactive self-starter who excels with minimal supervision, possesses strategic thinking abilities, and is skilled in negotiation and consensus building.
The base salary for this position is between $minimum - $ maximum annually. This represents base salary only and does not represent other variable compensation components of our total compensation ( i.e. annual bonus, commission etc). If you are selected to move forward in our recruitment process, your recruiter will be able to discuss additional details of our total rewards program with you.
Career opportunities will be open a minimum of 5 business days from the date of posting, closing dates will vary depending on the search activity. All applications received will be reviewed on a rolling basis.
Be your best at Canada Life- Apply today!
Being a part of Canada Life means you have a voice. This is a place where your unique background, perspectives and talents are valued, and shape our future success.
You can be your best here. You’re part of a diverse and inclusive workplace where your career and well-being are championed. You’ll have the opportunity to excel in your way, finding new and better ways to deliver exceptional customer and advisor experiences.
Together, as part of a great team, you’ll deliver on our shared purpose to improve the well-being of Canadians. It’s our driving force. Become part of a strong and successful company that’s trusted by millions of Canadians to do the right thing.
Canada Life serves the financial security needs of more than 13 million people across Canada, with additional operations in Europe and the United States. As members of the Power Financial Corporation group of companies, we’re one of Canada’s leading insurers with interests in life insurance, health insurance, investment and retirement savings. We offer a broad portfolio of financial and benefit plan solutions for individuals, families, businesses and organizations.
We are committed to providing an inclusive, accessible environment, where all employees and customers feel valued, respected and supported. We are dedicated to building a workforce that reflects the diversity of the communities in which we live, and to creating an environment where every employee has the opportunity to reach their potential.
It is our priority to remove barriers to provide equal access to employment. A Human Resources representative will work with applicants who request a reasonable accommodation during the application process. All information shared during the accommodation request process will be stored and used in a manner that is consistent with applicable laws and Canada Life policies. To request a reasonable accommodation in the application process, contact talentacquisitioncanada@canadalife.com.
Canada Life would like to thank all applicants, however only those who qualify for an interview will be contacted.
#LI-Hybrid
About Canada Life
At Canada Life, we’re focused on improving the financial, physical and mental well-being of Canadians. Whether handling policy claims, help growing and protecting clients’ retirement and investment savings, providing workplace mental health support for all employers or helping build stronger communities by investing in community projects, we are committed to putting the customer first in all that we do.
That trust is built on the dedication, skill and energy of our employees and advisors and their commitment to our customers and to our communities.
Canada Life is a subsidiary of Great-West Lifeco Inc. and is a member of the Power Corporation group of companies.