Senior Security & Compliance Analyst

Job Title: Senior Security & Compliance Analyst
Position ID: J0518-1425
Job Type: Permanent Full Time
Division: IT/IS
Region: Head Office
Job Category: IT
Number of Positions: 1
Closing Date: 15/12/2018

Keeping You Moving

RSA is one of the world’s leading multinational insurance groups with over 300 years of experience and over 20 million customers worldwide. Our people are committed to building a dynamic internal culture where our people love what they do and feel motivated to keep things moving – for customers, for their colleagues and as part of their own growth and development. In RSA, employing positive people is how we achieve success. You will be working in an environment that encourages you to do great work, and you will constantly be faced with fresh challenges that have a direct impact on our business. We believe your personality and passion will keep RSA and our business moving forward. At RSA we have a culture that supports and rewards high performance with a competitive reward policy for top performers. Our rewards package includes competitive compensation, work / life balance, opportunities to learn and the chance to make a difference working for a worldwide industry leader.

Position Overview:

As a key member of the Information Security and Compliance Team, you will be responsible for ensuring Royal & SunAlliance (RSA) Security Policies & Standards are implemented and appropriate security measures are in place to protect the Organisation’s systems, resources and data. You will also be responsible for executing on our compliance mandate relating to the Financial Control Framework, Payment Card Industry Standard and End User Computing Policy.

Who you are

Your enthusiasm is infectious. You challenge the status quo. You find solutions to problems. You go the extra mile to exceed customers’ expectations. You get things done the right way. You represent our brand with passion and pride. You are a team player. You have fun and you make work fun for those working around you.

What you will achieve in this role

• Carry out complex work requirements as generally directed by the Chief Information Security & Compliance Officer, working largely autonomously to meet the needs of teams, projects and timelines. Expected to work on multiple projects simultaneously.
• Participate in the timely implementation and maintenance of security systems. Manage department-initiated projects from start to finish.
• Support, maintain and develop the processes around information security for the wide variety of information systems at RSA.
• Identify new Information Security risks and develop adequate controls/action plans to mitigate existing Security exposures.
• Build & maintain relationships with key stakeholders and identify opportunities to help them achieve their goals & objectives.
• Perform Security assessment reviews of 3rd parties, to ensure RSA data protection requirements are met.
• Support business activities and ensure Information Security requirements are considered and, where relevant, recommendations are implemented.
• Promote Security awareness among users by identifying training needs and formulating plans to address awareness gaps
• Act as a consultant on specific security & compliance needs for RSA projects, persuading project participants of the essential nature of policy and regulatory requirements.
• Perform PCI Compliance testing and support quarterly Self-Assessment activity.
• Support incident handling investigations
• Provide support to external auditors during their annual review

What you bring to this role

• At least 10 years of progressive experience in various aspects of Information Technology & Governance roles
• A very broad and technical understanding of Information Technology and Information Security, with continuous effort to maintain the required level of understanding as security, policy and regulatory requirements frequently change.
• Broad understanding of Security & Governance models (i.e. ISO 27002, PCI standard, NIST)
• Experience working with outsource service providers, including managed SIEM/SOC providers
• Incident management experience
• Strong problem solving ability
• Strong facilitation & project management skills
• Ability to multitask and to be able to change directions/priority quickly while working under pressure for sustained periods of time on potentially multiple projects.
• Ability to understand, assess, and interpret Group & Local Security Policy statements and their applicability to the security & compliance requirements at RSA.

Education & Experience
• B.Sc. in computer science or a related field.
• Professional Designation in IT compliance or Security such as Certified Information Systems Auditor (CISA) or Certified Information Security Professional (CISSP) is preferable

Other Information

Applicants agree that by providing personal information in response to this ad, and otherwise in any recruitment process with RSA or its affiliated companies (the “Company”) such personal information may be retained and used for a period of one (1) year from the date of this application, for the purpose of consideration for employment opportunities which may arise during that time period, unless an applicant notifies the Company to the contrary.

We thank all applicants. However, only those selected for an interview will be contacted.

We invite you to learn more about us at our Career Site, www.rsagroup.ca, where you can apply online. RSA group of Companies is strongly committed to diversity and welcomes applications from visible minority group members, women, Aboriginal persons, and persons with disabilities, members of the LGBT community, and others who may contribute to the further diversification of ideas.

RSA group of Companies will provide reasonable accommodation for qualified individuals with disabilities in the job application process. If you have difficulty using our online application system and you need an accommodation due to a disability, please email AODA@RSAGROUP.CA or call us at toll free 1 (800)-855-0511. Please note this email is only for accommodation requests. Resumes sent to this email address will not be considered.

Johnson is an equal opportunity employer. We thank all applicants for their interest. However, only those selected for an interview will be contacted.