Job Description
Information Security Analyst
Rank P4
Scarborough, ON (Hybrid)
Deadline: Please apply by September 9, 2024.
Toyota Canada Inc. currently has an exciting opportunity for an individual to work alongside a talented team who play a crucial role in safeguarding our organization’s digital landscape. This is a full-time permanent role and will report to the Manager, Enterprise Information Security. The successful candidate will have the opportunity to monitor security alerts, investigate potential incidents, coordinate with IT teams to implement corrective actions, maintain security documentation and assist in remediation efforts. The role offers an opportunity to work with business and technical teams, within a culture that values innovation and teamwork.
What We’ll Bring:
Company & Culture
A hybrid work environment
A work environment built on teamwork, flexibility and respect
Professional growth and development programs to help advance your career
A focus on respect for people and continuous improvement
Summer Hours – condensed work week during the summer
Benefits
Competitive compensation package including bonus
Extended health care and dental benefits effective immediately
Company pension plan with additional employer contributions
Associate vehicle discount program
Reimbursement programs (tuition & fitness)
Paid holiday shutdown and competitive paid time off benefits
Sabbatical leave program
What You’ll be Doing:
Security Operations
Monitor and respond to security alerts, investigate potential security incidents, and coordinate with IT teams to resolve incidents
Monitor and address security alerts within defined timeframes, ensuring compliance with security policies, and minimizing the impact of security incidents on business processes and decision-making
Make recommendations towards overall cybersecurity roadmaps and guidelines, contributing to the maturity of the practice across IT
Coordinate and deliver security training programs to enhance awareness and skills among associates, promoting a security-conscious culture within the organization
Provide insight and input into reports for senior leaders and stakeholders, to support decision-making and visibility into security posture
Compliance
Conduct regular security assessments and audits to ensure compliance with industry standards and regulatory requirements and support remediation plans based on findings
Perform thorough security assessments and audits to identify vulnerabilities and compliance gaps
Coordinate and maintain security policies, procedures, and standards to ensure robust information security practices
Vendor Interaction
Support security vendor interactions to ensure services are delivered according to contractual agreements and integration of new security technologies and methodologies
Participate in designing requirements for Vendor Selection, SOW definitions, and KPI establishment
Project & Collaboration
Maintain collaborative relationships with peers from other functional areas, external vendors, leaders across the organization, and other Toyota affiliates
Facilitate discussions with project teams across IS to ensure adherence to standards, practices, and guidelines
Encourage adoption of new technologies and methodologies within the organization
Provide guidance and support for teams through technological and process changes
What You’ll Bring:
University Degree or College Diploma in Cybersecurity, or relevant discipline
3+ years of progressive experience in information security roles, with a focus on security operations, incident response & performing vulnerability assessments
Cybersecurity Industry certifications including SANS, Comp-TIA Security+, ISC2, etc. are an asset
Knowledge of cybersecurity concepts, methodologies, and best practices, with a strong understanding of emerging threats and attack vectors
Proficient in a wide range of cybersecurity technologies and tools, including but not limited to:
Security monitoring tools including SIEM & EDR
Firewall rules configuration and management, Internet protocols and network security fundamentals
Vulnerability assessment tools (e.g., Nessus, Qualys)
Antivirus and endpoint protection solutions, malware detection and intrusion prevention systems
Encryption technologies (e.g., SSL/TLS, AES)
Multi-factor authentication mechanisms, wireless security protocols and best practices
Cloud security principles and practices in various cloud platforms
Understanding of industry-standard frameworks, compliance requirements and frameworks, including: ISF, NIST CSF, SOX (Sarbanes-Oxley), ITIL
Familiarity with application security principles, including secure coding practices, penetration testing methodologies, phishing & security awareness training
Excellent interpersonal skills, with the ability to communicate effectively with technical and non-technical stakeholders, collaborate with cross-functional teams, and provide leadership in sec
Location: Canada
Posted: Sept. 2, 2024, 8:01 a.m.
Apply Now Company Website