IT Security Analyst

Position Title: IT Security Analyst
Location: Toronto, ON (Hybrid)
Estimated Duration: 6 months

Story Behind the Need:
Business group: Cybersecurity operations: safeguard sensitive Bank data from unauthorized exposure, whether accidental or malicious. This includes data transmitted via email, stored or shared in cloud environments, or accessed through mobile devices.

The Data Loss Prevention (DLP) program serves as a key control to protect sensitive Bank data from being accidentally or intentionally disclosed, leaked, or stolen, and thereby reduce reputational or financial consequences.
This role supports the execution and coordination of Data Loss Prevention (DLP) program-related initiatives, including enhancements to DLP policies, standards, processes and workflows that address data exfiltration risks, insider threats, and control deficiencies.

Candidate Value Proposition:
The successful candidate will have the opportunity to work within client. We are technology partners who help the business transform how our employees around the world work. You will get to work with and learn from diverse industry leaders, who have hailed from top technology.

Accountabilities

• Manages program tracking and follow-up activities, collaborates across business functions and prepares weekly DLP working group reports outlining key decisions and approvals needed from a program standpoint.
• Provides support in addressing DLP audit and regulatory obligations, assembling closure documentation and gathering evidence to verify compliance.
• Coordinate and execute tasks independently, particularly those that involve identifying, fixing, or improving existing DLP processes or systems.
• Contribute to the development and enhancement of DLP policies, standards, and processes.
• Collaborate with cross-functional teams to ensure alignment and effective implementation of DLP controls.
• Assist in fulfilling audit and regulatory requirements by assembling closure documentation and gathering compliance evidence.
• Identify and escalate risks or gaps in DLP coverage and recommend remediation strategies.

Candidate Requirements/Must-Have skills:

• 8-9 years of technical work experience as an IT Security Analyst
• 3+ years of experience in IT security, preferably with a focus on Data Loss Prevention or insider threat programs.
• Strong understanding of information security principles, data protection, and risk management.
• Experience with DLP technologies (e.g., Forcepoint, TRELLIX, Microsoft Purview, Symantec etc.)
• Experience creating presentations with PowerPoint (Business and Technical level)

Nice to have skills

• Familiarity with security frameworks and compliance standards (e.g., NIST, SOX, GDPR).
• Experience in financial services or banking environments.
• Knowledge of insider threat detection and data exfiltration techniques.
• Familiarity with endpoint protection, email, mobile, web, and cloud security controls

Soft Skills:

• Excellent written, presentation, and verbal communication skills to be able to work well with technical peers and business stakeholders at different levels within the organization.
• Strong decision-making, forward thinking and creative problem-solving skills to anticipate and respond quickly to technological/market influences.
• Ability to work as part of a team, as well as work independently or with minimal direction.

Best vs. Average Candidate:
We are seeking a candidate who can effectively navigate and drive outcomes across multiple complex and diverse teams, demonstrating strong coordination, influence, and follow-through. The ideal candidate will not only manage competing priorities but also foster collaboration to ensure alignment and timely execution.
Additionally, the candidate must be able to create high-quality, executive-level presentations using PowerPoint, with a strong command of grammar and visual storytelling. Presentations should be clear, compelling, and tailored to senior audiences, reflecting strategic thinking and attention to detail.

Education:
Post-secondary degree in a technical field such as computer science, computer engineering or equivalent work experience