itjobs.ca Logo
D2L logo

Senior Information Security Analyst

D2Labout 20 hours ago
Hybrid
Senior Level
Full-Time

Top Benefits

Wellness Subsidy
Equity Grants
Variable Incentive

About the role

D2L is a cloud company that is modernizing education and building the Future of Work. The old models of teaching and learning are in the midst of the largest transformation in history, and D2L is at the heart of that fundamental shift. New models of teaching and learning enable a personalized, student-centric experience – and deliver improved retention, engagement, satisfaction, and results for learners of all ages – in schools, campuses, and companies. D2L is disrupting the way the world learns, by providing the next generation learning environment and solutions to engage and inspire learners. And most importantly, by giving customers a platform that is easy, flexible, and smart. No other company provides a solution as robust and innovative as D2L. D2L has had a singular mission for 25 years and is dedicated to that same mission in the years ahead: to transform the way the world learns – and by doing so, we will help improve human potential globally. Every application we receive is personally reviewed by a member of our Talent Acquisition team - yes, a real person looks at your resume! While we use AI tools internally to streamline tasks like meeting notes, summaries, and administrative work, these tools never rank resumes, make hiring decisions, or influence candidate evaluations. As Senior Information Security Analyst at D2L, you are a key influencer and contributor to the refinement and delivery of D2L's Information Security Program. How will I make an Impact? Assist in refining and delivering D2L's Information Security Program with particular focus on endpoints, applications, and the underlying infrastructure. Perform regular application/infrastructure security scans, generate reports, and liaise with related stakeholders to work towards closing open issues. Liaise with operational teams on existing and emerging information security risks and provide subject matter expertise. Monitor/track information security risks and related artifacts throughout their lifecycle. Support the Information Security Continuous Monitoring Program(s) aligned with specific security compliance programs. Support the product sales cycle by completing security questionnaires from prospective clients. Collaborate with internal subject matter experts to collate, review, and submit periodic security questionnaires from D2L’s client. Support internal D2L teams during security assessments/reviews/audits. Review independent third-party reports from vendors, suppliers and partners for adequacy and alignment with D2L’s Information Security Program. Track identified gaps from third party assessments and follow up with stakeholders to close outstanding issues. What you’ll bring to the role: Competencies: Ability to think critically Ability to engage process owners and explain security controls associated with processes Ability to breakdown complex technical concepts to simple terms for various levels of stakeholders Ability to achieve outcomes with minimal supervision. Ability to learn fast and synthesize information from different domains and sources. Ability to work well with teams within a matrix structure and operational setting Skills Sound knowledge of Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST) and Software Composition Analysis (SCA). Sound knowledge of public cloud infrastructure Practical knowledge of implementing security controls in public cloud deployments/workloads Practical knowledge of Governance Risk and Compliance (GRC) tools Practical knowledge of infrastructure and application security scanning tools Deep understanding of vulnerability management and penetration testing Acumen with Artificial Intelligence tools Sound knowledge of risk management framework and standards Sound knowledge of Information Security frameworks and standards including ISO 27001, NIST 800-53 etc. Suggested Qualifications/Experience: You have previous hands-on experience implementing information security controls across a wide range of domains including Endpoint Security, Application Security, and Infrastructure Security. You have hands-on experience with public cloud services like Amazon Web Services (AWS), Azure etc. You have hands-on experience performing vulnerability assessments and penetration tests. You have demonstrable experience working with teams that have implemented security controls based on ISO 27001/NIST 800-53, CSAE 3416/SSAE18, SOC1/2/3. You have experience using enterprise-grade governance risk and compliance (GRC) tools. You have experience assessing security control implementations on large enterprise, web scale and serverless environments. You have experience engaging stakeholder in remediating security-related findings You have experience supporting an audit exercise by generating security-related evidence This position is to fill an existing vacancy D2L operates in a hybrid work style, with expectation of 3 days per week in office. The expected base salary range for a new hire in this role is listed below. The annualized base salary offered is determined by each candidate’s relevant knowledge, skills, education, training and experience. It is aligned to ensure both internal and external competitiveness using market data for the geographic location and industry. As part of the total compensation at D2L the role may be eligible for additional benefits including a Wellness Subsidy, Equity Grants, Variable Incentive, and more. Base Salary Range $100,000—$130,000 CAD Don’t meet every single requirement? We strongly encourage you to still apply! At D2L, we are committed to creating a diverse and inclusive environment. We encourage your application even if you don't believe you meet every single qualification outlined, because we love to help our people grow and develop! Why we're awesome: At D2L, we are dedicated to providing you with the tools to do the best work of your life. While some of our perks and benefits may vary depending on location or employment type, we are proud to provide employees with the following through #LifeAtD2L: Impactful work transforming the way the world learns Flexible work arrangements Learning and Growth opportunities Tuition reimbursement of up to $4,000 CAD for continuing education through our SkillsWave Program 2 Paid Days off for SkillsWave-related activities like exams or final assignments Employee wellbeing (Access to mental health services, EFAP program, financial planning and more) Retirement planning 2 Paid Volunteer Days Competitive Benefits Package Home Internet Reimbursements Employee Referral Program Wellness Reimbursement Employee Recognition Social Events Dog Friendly Offices Spaces at our HQ in Kitchener, Winnipeg, Vancouver and Melbourne offices.

About D2L

E-Learning Providers

Similar Jobs