Story Behind the Need
• Business group: client Cyber Integration & Automation (CIA) team, the Policy Design and Implementation group is responsible for designing, testing and implementing security control configurations operated under Cyber Security Services (CSS).
• This involves building security policy configurations, testing to ensure they meet business requirements and deploying them globally across the bank’s security infrastructure.
• This team also provides post implementation support and root cause analysis in supporting the bank’s mission and mandates for cyber security.
• Project: The Cyber Automation group is seeking 2 IT Security Analysts to manage and support the bank’s security controls, with focus on solutions around data loss prevention (DLP) and user behaviour analytics (UBA).
• This individual will report directly to the Senior Manager of Cyber Integrations & Automation.
• Reason for request: Project Workload Increase
Candidate Value Proposition
• The successful candidate will not only have the opportunity to gain valuable experience at a top 5 Canadian bank, but also get exposure to one of the most forward thinking security groups within banking while working hands on with some of the newest software’s and applications.
Typical Day in Role
• Build and create and manage policies all across data loss prevention for the bank
• Work with various teams on creating policies, working with vendors to bring in updates on infrastructure
• McAfee is the big software they use right now
• The work is specific to DLP on this one and the candidate will work with the other teams to bring it all into play
• Use Forcepoint as secondary DLP program
• The main function of a IT Security Analyst is to plan, coordinate, and implement security measures for information systems to regulate access to computer data files and prevent unauthorized modification, destruction or disclosure of information
• The candidate will be planning, coordinating and implementing security measures to safeguard the computer database
• Identify security issues and risks, and develop mitigation plans
• Architect, design, implement, support, and evaluate security-focused tools and services including project leadership roles
• Develop and interpret security policies and procedures
• Participate in security compliance efforts
• Develop and deliver training materials and perform general security awareness and specific security technology training
• Evaluate and recommend new and emerging security products and technologies
Candidate Requirements/Must Have Skills:
• 3+ years of experience in a similar IT Security Analyst or Cybersecurity Role
• 3+ years of experience exposure monitoring or designing DLP within McAfee or other related technologies
• 3+ years of experience with end user troubleshooting – someone with desktop support, or troubleshooting report preferably using Windows
• 3+ years of Experience in McAfee preferably – but ForcePoint and Symantec are acceptable replacements
• Proficiency in MS Office (extended knowledge in MS Excel preferred) – 3+ years
• You have experience in regulatory and compliance frameworks for USA, UK, ASIA
• You have experience with Windows, Linux and Unix operating systems
• VPN, IPS
• Microsoft Active Directory
• Ears of experience in infrastructure or application-level vulnerability testing and auditing
• Any scripting experience, specifically with RegX or Python, – shooting for intermediate level experience with scripting
• Banking experience is preferred – DLP works with special financial classifications
• Excellent English verbal and written communication skills are essential
• The role requires leadership skills, hands-on technical experience, and a can-do approach towards environment automation / management and continuous improvement for efficiency and cost effectiveness
• Must be reliable, proactive, results-oriented, customer-focused and attentive to details.
• Must be flexible to adapt to a dynamic environment, make quick and sound decisions under pressure
• Strong organizational skills, excellent problem-solving, communication, and collaboration skills
Degrees or certifications:
• Bachelor’s degree in a technical field such as computer science, computer engineering or related field required
• Certifications: CISSP, CISA preferred not required
Candidate Review & Selection
• 1 Step Process: Microsoft Teams Interview – HM, , and one other team members?
• Any additional details to share with Suppliers (i.e. team/cultural fit, professional background preference, etc)