Information Security Analyst (AI / First Line of Defense)
Take part in meaningful technology and security initiatives focused on cloud environments, information risk, and AI governance. This role offers a mix of strategic and hands-on responsibilities in a collaborative hybrid work environment.
What is in it for you:
- Salaried: $55-65 per hour.
- Incorporated Business Rate: $65-75 per hour.
- 6-month contract with the potential for permanent employment.
- Full-time position: 37.50 hours per week.
- Monday to Friday, from 9 am to 5 pm.
- Hybrid work arrangement (3 days on-site).
- Based in Toronto or Waterloo, Ontario.
Responsibilities:
- Perform information risk assessments for projects, technologies, and generative AI initiatives by identifying risks, defining controls, and tracking control implementation.
- Conduct comprehensive assessments of IaaS, PaaS, SaaS, and generative AI projects, identifying and mitigating associated risks.
- Develop and implement governance frameworks for generative AI aligned with global information risk assessment methodologies.
- Collaborate with cross-functional teams to integrate risk frameworks with architecture reviews, project risk management processes, and business continuity and disaster recovery activities.
- Design, document, and implement business-as-usual security controls applicable to cloud-based infrastructure, platforms, and services.
- Evaluate products for implementing security controls in cloud and on-premises environments.
- Manage competing priorities to ensure timely completion of governance assessments and updates.
- Participate in project meetings to provide guidance on risks, impacts, and security considerations, while delivering timely updates to stakeholders.
- Ensure all information risk assessments are peer-reviewed for completeness before distribution to stakeholders.
- Support operational security activities, including incident response, vulnerability management, and firewall reviews.
- Deliver training to stakeholders on information risk assessment processes and security best practices.
- Respond to audits, regulatory reviews, risk and control self-assessments, and related inquiries.
- Stay informed about emerging AI technologies, evolving threats, and developments in AI governance.
What you will need to succeed:
- Degree in Computer Science, Information Technology, Data Science, Business Administration, or equivalent educational and professional experience.
- Professional certifications such as CISSP, CRISC, CISM, or CISA are considered an asset.
- 5 years of experience in Information Risk Management, including vendor risk management, project risk management, IT audit, or IT controls assessment.
- Experience across multiple information security disciplines, including network security, application security, identity and access management, IT operations security, vulnerability management, information protection, physical security, and cybersecurity.
- Deep knowledge of cloud computing security and IaaS, PaaS, and SaaS environments.
- Familiarity with regulatory and security frameworks such as NIST, ISO 27001, GDPR, Sarbanes-Oxley, and the EU AI Act.
- Understanding of the financial services industry and its regulatory requirements is preferred.
- Strong communication and influencing skills with the ability to promote AI governance and risk management practices.
- Strong presentation and facilitation skills for a variety of audiences, including senior leadership.
- Excellent problem-solving and analytical abilities, with an innovative approach to information security risk management.
- Proven ability to build and maintain effective relationships with stakeholders and cross-functional teams.
- Strong organizational and time management skills, with the ability to manage multiple priorities in a changing environment.
- Collaborative team player with strong interpersonal skills and a proactive mindset.
- Passion for advancing AI governance and information security practices.
Why Recruit Action?
Recruit Action (agency permit: AP-2504511) provides recruitment services through quality support and a personalized approach. As part of the screening process, some applications may be reviewed using artificial intelligence tools. Only candidates who meet the hiring criteria will be contacted.
Pay: $55.00-$75.00 per hour
Application question(s):
- Do you have a degree in Computer Science, Information Technology, Data Science, Business Administration, or equivalent professional experience? If yes, please specify your degree, field of study, and/or relevant experience.
- Are you comfortable reporting into the office 3 days per week (Tuesday–Thursday)?
Experience:
- Vendor risk, project risk, IT audit, or IT controls: 5 years (required)
- Knowledge of cloud security (IaaS, PaaS, SaaS): 1 year (required)
- Familiarity with NIST, ISO 27001, GDPR, SOX, and EU AI Act: 1 year (required)
- Understanding of financial industry regulations: 1 year (required)
- Network, Infrastructure, and Operations Security: 1 year (required)
- Application Security: 1 year (required)
- Identity and Access Management (IAM): 1 year (required)
- Vulnerability and Risk Management: 1 year (required)
- Information Protection and Cybersecurity: 1 year (required)
- Physical Security: 1 year (required)
Licence/Certification:
- CISSP, CRISC, CISM, or CISA certifications (required)
Work Location: Hybrid remote in Waterloo, ON N2L 6L3