Information Security Analyst 3 (Data Loss Prevention)
Top Benefits
About the role
Permanent Full Time
The Senior Information Security Analyst plays a crucial role in our first line of cyber defense. This position involves collaborating with various stakeholders, including technology and business partners, to effectively manage information security risks and ensure compliance with organizational policies. Additionally, the role supports the delivery of analysis-driven cybersecurity services to our internal clients across Canada.
We are seeking a highly skilled and experienced Senior Information Security Analyst to join our team in the Technology Risk and CISO department. This role will primarily focus on maintaining the integrity and confidentiality of our organization’s data by leading the development and execution of Data Loss Prevention strategies, which includes configuring and managing DLP systems to monitor and prevent unauthorized data movements across endpoints, networks, and cloud platforms. The candidate will handle incident response by investigating alerts, determining the scope and impact of potential data breaches, and coordinating with various teams for resolution. Additionally, the candidate will develop and refine data security policies, provide training to increase organizational awareness, and stay updated with the latest in DLP technology to recommend advancements or modifications to our security infrastructure.
What you will do:
Design and Implementation:
- Design, implement, and manage the end-to-end DLP control to protect sensitive data across endpoints, cloud, email, network, and mobile environments according to identified requirements, developed milestones, and approved program.
- Develop and expand DLP policies, rules, and controls to align with evolving business needs, regulatory requirements, and industry best practices.
- Continuously improve and optimize DLP processes to enhance accuracy, reduce false positives, and improve efficiency.
- Support the expansion of DLP capabilities into emerging technologies, and egress channels.
Incident Response:
- Follow the DLP incident response process, collaborating with all stakeholders (i.e., HR, Privacy, and Business Units) to investigate, contain, and remediate data loss incidents.
- Develop and maintain DLP incident playbooks and ensure timely response to alerts.
- Provide detailed analysis and reporting on data loss incidents, root causes, and corrective measures.
- Conduct post-incident reviews and recommend improvements to prevent future incidents.
Policy Development and Enforcement:
- Establish, enforce, and regularly review DLP policies, standards, and guidelines to ensure comprehensive coverage of sensitive data across the organization.
- Collaborate with Legal, Compliance, Risk, and other departments to ensure DLP policies align with regulatory requirements (e.g., GDPR, PIPEDA, PCI-DSS, HIPAA) and industry frameworks.
- Develop tailored DLP policies for business units based on specific data classification and operational needs.
Collaboration and Communication:
- Define, track, and report on key performance indicators (KPIs) and other DLP metrics to measure control effectiveness and risk posture.
- Provide detailed reporting on DLP incidents, policy violations, and achieved progress.
Training and Awareness:
- Develop and deliver DLP awareness and training programs to educate employees on the importance of data protection, acceptable use policies, and secure data handling practices.
- Promote a culture of data security awareness across the organization through regular communications and engagement activities.
Innovation and Continuous Improvement:
- Evaluate and implement new DLP technologies, tools, and enhancements to strengthen data protection capabilities.
- Stay current with industry trends, emerging threats, and new technologies to ensure the organization remains ahead of evolving data loss risks.
- Regularly assess the effectiveness of DLP controls through testing, audits, and continuous monitoring.
- Report identified DLP gaps and drive initiatives to close them.
What you will bring:
-
Bachelor’s degree from an accredited college or university or equivalent experience.
-
Minimum five years’ experience as an information technology professional with at least three of those in information security demonstrating the accountabilities as listed above.
-
Deep knowledge of Data Loss Prevention (DLP) technologies, frameworks, and platforms—particularly Microsoft Purview, Microsoft Defender for Cloud Apps, and Microsoft Defender for Endpoint.
-
Proven experience implementing and managing solutions for Data Loss Prevention, Insider Risk Management, Data Security Posture Management, and Conditional Access.
-
Strong understanding of data classification, encryption, regulatory requirements, and standards.
-
Proven experience managing DLP incidents, governance forums, and program expansion initiatives.
-
Familiarity with cybersecurity frameworks such as NIST, ISO 27001, and CIS Controls.
-
Experience collaborating with cross-functional teams and senior stakeholders.
-
Exceptional analytical, problem-solving, and investigative skills.
-
Holds at least one information security certification or actively working towards at least one security certification (e.g. CISSP, CISM).
-
Excellent communicator including demonstrated presentation and negotiation skills.
-
Experience with security solutions for multi-tier cloud-based applications
-
Experience interpreting and consulting around meeting the requirements of the Information Security Policies and Standards for a large organization.
-
Working knowledge of IT Audit processes, including design of control test procedures.
-
Demonstrated ability to foster relationships and build trust.
-
Ability to work independently and deliver on commitments.
-
Strong analytical and problem-solving skills.
-
Experience in risk assessment methodologies.
-
Reliability Status Security Clearance – this can only be completed with candidates who receive an offer of employment. This is a personal security status that is required as a condition of employment before an employee can gain access to Protected B information, assets or work sites as outlined by the Government of Canada website. The cost of submitting these checks will be covered by Canada Life.
The base salary for this position is between $70,500.00 - $117,400.00 annually. This represents base salary only and does not represent other variable compensation components of our total compensation ( i.e. annual bonus, commission etc). If you are selected to move forward in our recruitment process, your recruiter will be able to discuss additional details of our total rewards program with you.
Career opportunities will be open a minimum of 5 business days from the date of posting, closing dates will vary depending on the search activity. All applications received will be reviewed on a rolling basis.
Be your best at Canada Life- Apply today!
Being a part of Canada Life means you have a voice. This is a place where your unique background, perspectives and talents are valued, and shape our future success.
You can be your best here. You’re part of a diverse and inclusive workplace where your career and well-being are championed. You’ll have the opportunity to excel in your way, finding new and better ways to deliver exceptional customer and advisor experiences.
Together, as part of a great team, you’ll deliver on our shared purpose to improve the well-being of Canadians. It’s our driving force. Become part of a strong and successful company that’s trusted by millions of Canadians to do the right thing.
Canada Life serves the financial security needs of more than 13 million people across Canada, with additional operations in Europe and the United States. As members of the Power Financial Corporation group of companies, we’re one of Canada’s leading insurers with interests in life insurance, health insurance, investment and retirement savings. We offer a broad portfolio of financial and benefit plan solutions for individuals, families, businesses and organizations.
We are committed to providing an inclusive, accessible environment, where all employees and customers feel valued, respected and supported. We are dedicated to building a workforce that reflects the diversity of the communities in which we live, and to creating an environment where every employee has the opportunity to reach their potential.
It is our priority to remove barriers to provide equal access to employment. A Human Resources representative will work with applicants who request a reasonable accommodation during the application process. All information shared during the accommodation request process will be stored and used in a manner that is consistent with applicable laws and Canada Life policies. To request a reasonable accommodation in the application process, contact talentacquisitioncanada@canadalife.com.
Canada Life would like to thank all applicants, however only those who qualify for an interview will be contacted.
#LI-Hybrid
About Canada Life
At Canada Life, we’re focused on improving the financial, physical and mental well-being of Canadians. Whether handling policy claims, help growing and protecting clients’ retirement and investment savings, providing workplace mental health support for all employers or helping build stronger communities by investing in community projects, we are committed to putting the customer first in all that we do.
That trust is built on the dedication, skill and energy of our employees and advisors and their commitment to our customers and to our communities.
Canada Life is a subsidiary of Great-West Lifeco Inc. and is a member of the Power Corporation group of companies.
Information Security Analyst 3 (Data Loss Prevention)
Top Benefits
About the role
Permanent Full Time
The Senior Information Security Analyst plays a crucial role in our first line of cyber defense. This position involves collaborating with various stakeholders, including technology and business partners, to effectively manage information security risks and ensure compliance with organizational policies. Additionally, the role supports the delivery of analysis-driven cybersecurity services to our internal clients across Canada.
We are seeking a highly skilled and experienced Senior Information Security Analyst to join our team in the Technology Risk and CISO department. This role will primarily focus on maintaining the integrity and confidentiality of our organization’s data by leading the development and execution of Data Loss Prevention strategies, which includes configuring and managing DLP systems to monitor and prevent unauthorized data movements across endpoints, networks, and cloud platforms. The candidate will handle incident response by investigating alerts, determining the scope and impact of potential data breaches, and coordinating with various teams for resolution. Additionally, the candidate will develop and refine data security policies, provide training to increase organizational awareness, and stay updated with the latest in DLP technology to recommend advancements or modifications to our security infrastructure.
What you will do:
Design and Implementation:
- Design, implement, and manage the end-to-end DLP control to protect sensitive data across endpoints, cloud, email, network, and mobile environments according to identified requirements, developed milestones, and approved program.
- Develop and expand DLP policies, rules, and controls to align with evolving business needs, regulatory requirements, and industry best practices.
- Continuously improve and optimize DLP processes to enhance accuracy, reduce false positives, and improve efficiency.
- Support the expansion of DLP capabilities into emerging technologies, and egress channels.
Incident Response:
- Follow the DLP incident response process, collaborating with all stakeholders (i.e., HR, Privacy, and Business Units) to investigate, contain, and remediate data loss incidents.
- Develop and maintain DLP incident playbooks and ensure timely response to alerts.
- Provide detailed analysis and reporting on data loss incidents, root causes, and corrective measures.
- Conduct post-incident reviews and recommend improvements to prevent future incidents.
Policy Development and Enforcement:
- Establish, enforce, and regularly review DLP policies, standards, and guidelines to ensure comprehensive coverage of sensitive data across the organization.
- Collaborate with Legal, Compliance, Risk, and other departments to ensure DLP policies align with regulatory requirements (e.g., GDPR, PIPEDA, PCI-DSS, HIPAA) and industry frameworks.
- Develop tailored DLP policies for business units based on specific data classification and operational needs.
Collaboration and Communication:
- Define, track, and report on key performance indicators (KPIs) and other DLP metrics to measure control effectiveness and risk posture.
- Provide detailed reporting on DLP incidents, policy violations, and achieved progress.
Training and Awareness:
- Develop and deliver DLP awareness and training programs to educate employees on the importance of data protection, acceptable use policies, and secure data handling practices.
- Promote a culture of data security awareness across the organization through regular communications and engagement activities.
Innovation and Continuous Improvement:
- Evaluate and implement new DLP technologies, tools, and enhancements to strengthen data protection capabilities.
- Stay current with industry trends, emerging threats, and new technologies to ensure the organization remains ahead of evolving data loss risks.
- Regularly assess the effectiveness of DLP controls through testing, audits, and continuous monitoring.
- Report identified DLP gaps and drive initiatives to close them.
What you will bring:
-
Bachelor’s degree from an accredited college or university or equivalent experience.
-
Minimum five years’ experience as an information technology professional with at least three of those in information security demonstrating the accountabilities as listed above.
-
Deep knowledge of Data Loss Prevention (DLP) technologies, frameworks, and platforms—particularly Microsoft Purview, Microsoft Defender for Cloud Apps, and Microsoft Defender for Endpoint.
-
Proven experience implementing and managing solutions for Data Loss Prevention, Insider Risk Management, Data Security Posture Management, and Conditional Access.
-
Strong understanding of data classification, encryption, regulatory requirements, and standards.
-
Proven experience managing DLP incidents, governance forums, and program expansion initiatives.
-
Familiarity with cybersecurity frameworks such as NIST, ISO 27001, and CIS Controls.
-
Experience collaborating with cross-functional teams and senior stakeholders.
-
Exceptional analytical, problem-solving, and investigative skills.
-
Holds at least one information security certification or actively working towards at least one security certification (e.g. CISSP, CISM).
-
Excellent communicator including demonstrated presentation and negotiation skills.
-
Experience with security solutions for multi-tier cloud-based applications
-
Experience interpreting and consulting around meeting the requirements of the Information Security Policies and Standards for a large organization.
-
Working knowledge of IT Audit processes, including design of control test procedures.
-
Demonstrated ability to foster relationships and build trust.
-
Ability to work independently and deliver on commitments.
-
Strong analytical and problem-solving skills.
-
Experience in risk assessment methodologies.
-
Reliability Status Security Clearance – this can only be completed with candidates who receive an offer of employment. This is a personal security status that is required as a condition of employment before an employee can gain access to Protected B information, assets or work sites as outlined by the Government of Canada website. The cost of submitting these checks will be covered by Canada Life.
The base salary for this position is between $70,500.00 - $117,400.00 annually. This represents base salary only and does not represent other variable compensation components of our total compensation ( i.e. annual bonus, commission etc). If you are selected to move forward in our recruitment process, your recruiter will be able to discuss additional details of our total rewards program with you.
Career opportunities will be open a minimum of 5 business days from the date of posting, closing dates will vary depending on the search activity. All applications received will be reviewed on a rolling basis.
Be your best at Canada Life- Apply today!
Being a part of Canada Life means you have a voice. This is a place where your unique background, perspectives and talents are valued, and shape our future success.
You can be your best here. You’re part of a diverse and inclusive workplace where your career and well-being are championed. You’ll have the opportunity to excel in your way, finding new and better ways to deliver exceptional customer and advisor experiences.
Together, as part of a great team, you’ll deliver on our shared purpose to improve the well-being of Canadians. It’s our driving force. Become part of a strong and successful company that’s trusted by millions of Canadians to do the right thing.
Canada Life serves the financial security needs of more than 13 million people across Canada, with additional operations in Europe and the United States. As members of the Power Financial Corporation group of companies, we’re one of Canada’s leading insurers with interests in life insurance, health insurance, investment and retirement savings. We offer a broad portfolio of financial and benefit plan solutions for individuals, families, businesses and organizations.
We are committed to providing an inclusive, accessible environment, where all employees and customers feel valued, respected and supported. We are dedicated to building a workforce that reflects the diversity of the communities in which we live, and to creating an environment where every employee has the opportunity to reach their potential.
It is our priority to remove barriers to provide equal access to employment. A Human Resources representative will work with applicants who request a reasonable accommodation during the application process. All information shared during the accommodation request process will be stored and used in a manner that is consistent with applicable laws and Canada Life policies. To request a reasonable accommodation in the application process, contact talentacquisitioncanada@canadalife.com.
Canada Life would like to thank all applicants, however only those who qualify for an interview will be contacted.
#LI-Hybrid
About Canada Life
At Canada Life, we’re focused on improving the financial, physical and mental well-being of Canadians. Whether handling policy claims, help growing and protecting clients’ retirement and investment savings, providing workplace mental health support for all employers or helping build stronger communities by investing in community projects, we are committed to putting the customer first in all that we do.
That trust is built on the dedication, skill and energy of our employees and advisors and their commitment to our customers and to our communities.
Canada Life is a subsidiary of Great-West Lifeco Inc. and is a member of the Power Corporation group of companies.