*Information Security Analyst (AI / First Line of Defense) WTL, ON
About the role
Information Security Analyst (AI / First Line of Defense)
Take part in meaningful technology and security initiatives focused on cloud environments, information risk, and AI governance. This role offers a mix of strategic and hands-on responsibilities in a collaborative hybrid work environm
What is in it for you:
• Salaried: $55-65 per hour. • Incorporated Business Rate: $65-75 per hour. • 6-month contract with the potential for permanent employment. • Full-time position: 37.50 hours per week. • Monday to Friday, from 9 am to 5 pm. • Hybrid work arrangement (3 days on-site). • Based in Toronto or Waterloo, Ontario.
Responsibilities:
• Perform information risk assessments for projects, technologies, and generative AI initiatives by identifying risks, defining controls, and tracking control implementation. • Conduct comprehensive assessments of IaaS, PaaS, SaaS, and generative AI projects, identifying and mitigating associated risks. • Develop and implement governance frameworks for generative AI aligned with global information risk assessment methodologies. • Collaborate with cross-functional teams to integrate risk frameworks with architecture reviews, project risk management processes, and business continuity and disaster recovery activities. • Design, document, and implement business-as-usual security controls applicable to cloud-based infrastructure, platforms, and services. • Evaluate products for implementing security controls in cloud and on-premises environments. • Manage competing priorities to ensure timely completion of governance assessments and updates. • Participate in project meetings to provide guidance on risks, impacts, and security considerations, while delivering timely updates to stakeholders. • Ensure all information risk assessments are peer-reviewed for completeness before distribution to stakeholders. • Support operational security activities, including incident response, vulnerability management, and firewall reviews. • Deliver training to stakeholders on information risk assessment processes and security best practices. • Respond to audits, regulatory reviews, risk and control self-assessments, and related inquiries. • Stay informed about emerging AI technologies, evolving threats, and developments in AI governance.
What you will need to succeed:
• Degree in Computer Science, Information Technology, Data Science, Business Administration, or equivalent educational and professional experience. • Professional certifications such as CISSP, CRISC, CISM, or CISA are considered an asset. • 5 years of experience in Information Risk Management, including vendor risk management, project risk management, IT audit, or IT controls assessment. • Experience across multiple information security disciplines, including network security, application security, identity and access management, IT operations security, vulnerability management, information protection, physical security, and cybersecurity. • Deep knowledge of cloud computing security and IaaS, PaaS, and SaaS environments. • Familiarity with regulatory and security frameworks such as NIST, ISO 27001, GDPR, Sarbanes-Oxley, and the EU AI Act. • Understanding of the financial services industry and its regulatory requirements is preferred. • Strong communication and influencing skills with the ability to promote AI governance and risk management practices. • Strong presentation and facilitation skills for a variety of audiences, including senior leadership. • Excellent problem-solving and analytical abilities, with an innovative approach to information security risk management. • Proven ability to build and maintain effective relationships with stakeholders and cross-functional teams. • Strong organizational and time management skills, with the ability to manage multiple priorities in a changing environment. • Collaborative team player with strong interpersonal skills and a proactive mindset. • Passion for advancing AI governance and information security practices.
Why Recruit Action?
Recruit Action (agency permit: AP-2504511) provides recruitment services through quality support and a personalized approach. As part of the screening process, some applications may be reviewed using artificial intelligence tools. Only candidates who meet the hiring criteria will be contacted.
Similar Jobs
*Information Security Analyst (AI / First Line of Defense) WTL, ON
About the role
Information Security Analyst (AI / First Line of Defense)
Take part in meaningful technology and security initiatives focused on cloud environments, information risk, and AI governance. This role offers a mix of strategic and hands-on responsibilities in a collaborative hybrid work environm
What is in it for you:
• Salaried: $55-65 per hour. • Incorporated Business Rate: $65-75 per hour. • 6-month contract with the potential for permanent employment. • Full-time position: 37.50 hours per week. • Monday to Friday, from 9 am to 5 pm. • Hybrid work arrangement (3 days on-site). • Based in Toronto or Waterloo, Ontario.
Responsibilities:
• Perform information risk assessments for projects, technologies, and generative AI initiatives by identifying risks, defining controls, and tracking control implementation. • Conduct comprehensive assessments of IaaS, PaaS, SaaS, and generative AI projects, identifying and mitigating associated risks. • Develop and implement governance frameworks for generative AI aligned with global information risk assessment methodologies. • Collaborate with cross-functional teams to integrate risk frameworks with architecture reviews, project risk management processes, and business continuity and disaster recovery activities. • Design, document, and implement business-as-usual security controls applicable to cloud-based infrastructure, platforms, and services. • Evaluate products for implementing security controls in cloud and on-premises environments. • Manage competing priorities to ensure timely completion of governance assessments and updates. • Participate in project meetings to provide guidance on risks, impacts, and security considerations, while delivering timely updates to stakeholders. • Ensure all information risk assessments are peer-reviewed for completeness before distribution to stakeholders. • Support operational security activities, including incident response, vulnerability management, and firewall reviews. • Deliver training to stakeholders on information risk assessment processes and security best practices. • Respond to audits, regulatory reviews, risk and control self-assessments, and related inquiries. • Stay informed about emerging AI technologies, evolving threats, and developments in AI governance.
What you will need to succeed:
• Degree in Computer Science, Information Technology, Data Science, Business Administration, or equivalent educational and professional experience. • Professional certifications such as CISSP, CRISC, CISM, or CISA are considered an asset. • 5 years of experience in Information Risk Management, including vendor risk management, project risk management, IT audit, or IT controls assessment. • Experience across multiple information security disciplines, including network security, application security, identity and access management, IT operations security, vulnerability management, information protection, physical security, and cybersecurity. • Deep knowledge of cloud computing security and IaaS, PaaS, and SaaS environments. • Familiarity with regulatory and security frameworks such as NIST, ISO 27001, GDPR, Sarbanes-Oxley, and the EU AI Act. • Understanding of the financial services industry and its regulatory requirements is preferred. • Strong communication and influencing skills with the ability to promote AI governance and risk management practices. • Strong presentation and facilitation skills for a variety of audiences, including senior leadership. • Excellent problem-solving and analytical abilities, with an innovative approach to information security risk management. • Proven ability to build and maintain effective relationships with stakeholders and cross-functional teams. • Strong organizational and time management skills, with the ability to manage multiple priorities in a changing environment. • Collaborative team player with strong interpersonal skills and a proactive mindset. • Passion for advancing AI governance and information security practices.
Why Recruit Action?
Recruit Action (agency permit: AP-2504511) provides recruitment services through quality support and a personalized approach. As part of the screening process, some applications may be reviewed using artificial intelligence tools. Only candidates who meet the hiring criteria will be contacted.