Sr Analyst Information Security

Our vision for the future is based on the idea that transforming financial lives starts by giving our people the freedom to transform their own We have a flexible work environment and fluid career paths We not only encourage but celebrate internal mobility We also recognize the importance of purpose well-being and work-life balance Within Empower and our communities we work hard to create a welcoming and inclusive environment and our associates dedicate thousands of hours to volunteering for causes that matter most to them Chart your own path and grow your career while helping more customers achieve financial freedom Empower Yourself As the Senior Information Security Analyst Supplier Risk at Canada Life you will play a pivotal role in managing supplier risk and enhancing our customers trust In this capacity you will be responsible for providing insightful analysis on supplier risk with a focus on conducting comprehensive assessments These assessments will delve into information security privacy and business continuity management BCM for the most part It will necessitate collaborationwith both internal stakeholders and external entities As a versatile team player you will also have the opportunity apply your extensive knowledge to a broader range of tasks as needed ESSENTIAL FUNCTIONS Manage the supplier risk assessment for new vendors which span information security privacy and business continuity management BCM Perform ongoing information security risk assessments and monitor risk posture of existing suppliers Review supplier contracts to meet information security privacy and BCM requirements Audit suppliers to ensure they are meeting their control obligations Analyse vendor risk and customer relationships by analyzing due diligence questionnaire responses and documentation Recommend and implement enhancements to the supplier risk management processes Prepare information security risk reports dashboards and operational metrics for continuous improvement and monitoring purposes Maintain and develop team documentation with the aim of standardizing knowledge base and processes Update and provide feedback on information security policies and procedures in line with current risks and regulations Share knowledge and train other team members on supplier risk management best- practices QUALIFICATION Bachelors degree from an accredited college or university or equivalent experience Minimum of five years of relevant experience preferably serving as an information technology or privacy professional Relevant industry certifications e g CISSP CISM CRISC CISA CTPRP CTPRA An understanding of various substantiating materials including SOC2 and ISO reports which can be used to assess control effectiveness A strong technical foundation with experience in information security solutions for multi-tier cloud-based applications across platforms such as Microsoft Azure GCP and AWS This expertise should extend to various IT domains including networks servers application development architecture storage and cloud environments ensuring a holistic approach to information security Demonstrated self-starter with the desire to ramp up quickly collaborate and execute Excellent time management critical thinking analytical and problem-solving skills Excellent communication skills including the ability to present and influence The ability to multitask and complete assignments within deadlines that may have short lead times Strong interpersonal skills capable of interacting at all levels of the organization and with suppliers Experience in interpreting and consulting on the requirements of the Information Security and Privacy policies and standards within a large organization Strong knowledge of IT control frameworks such as COBIT ISO 27001 and the NIST cyber security framework Working knowledge of IT Audit processes including design of control test procedures Ability to work independently and take initiative in a fast-paced and dynamic environment Ability to update your manager effectively A track-record of taking accountability Prior leadership experience is a plus We are an equal opportunity employer with a commitment to diversity All individuals regardless of personal characteristics are encouraged to apply All qualified applicants will receive consideration for employment without regard to age race color national origin ancestry sex sexual orientation gender gender identity gender expression marital status pregnancy religion physical or mental disability military or veteran status genetic information or any other status protected by applicable state or local law