Information Security Analyst, Data Loss Prevention

				Overview:
About Kinaxis  

Elevate your career journey by embracing a new challenge with Kinaxis. We are experts in tech, but it's really our people who give us passion to always seek ways to do things better. As such, we're serious about your career growth and professional development, because People matter at Kinaxis.    

In 1984, we started out as a team of three engineers. Today, we have grown to become a global organization with over 2000 employees around the world, with a brand-new HQ based in Kanata North in Ottawa. As one of Canada's Top Employers, we are proud to work with our customers and employees towards solving some of the biggest challenges facing supply chains today.   

At Kinaxis, we power the world's supply chains to help preserve the planet's resources and enrich the human experience. As a global leader in end-to-end supply chain management, we enable supply chain excellence for all industries, with more than 40,000 users in over 100 countries. We are expanding our team as we continue to innovate and revolutionize how we support our customers. 

Responsibilities:

Location

This is a remote position. You can work from home and be located anywhere in Canada.
About the role
As the Information Security Analyst, Data Loss Prevention, you will be primarily responsible for the daily monitoring and/or maintenance of the enterprise Data Loss Prevention solution as part of a global Security team that is responsible for all security-related handling for Kinaxis Corporate and Kinaxis Maestro Software-as-a-Service.

You will administer the Data Loss Prevention (DLP) environments, monitor, and respond to the alerts that are generated from the tools. You will also interface with cross functional teams within Kinaxis such as Corporate IT, SaaS Operations, Development, Business Systems teams, Legal, Risk Management teams, and Technology partners to ensure DLP controls are adequately implemented to protect and maintain company-wide information security.

Qualifications:
What you will do

* Support the architecture, design, deployment, and integration of DLP solutions in the enterprise.
* Ongoing administration of the DLP tools - this will include configuring policies and reporting.
* Monitor and respond to alerts generated from the DLP systems and other technologies. Coordinate with subject matter experts and provide timely reporting to management.
* Understand and follow the security incident response process through event escalations.
* In rotation with the team, be on call to respond to serious cybersecurity incidents.
* Work closely with product and platform teams to engineer and implement DLP security controls.
* Create and propose DLP design changes and enhancements for improvements in security, availability, and automation.
* Develop training materials for DLP systems and general security awareness and deliver DLP training as required.
* Implement and support approved information security projects and internal/external security audits.
* Understand potential and emerging information security threats, and vulnerabilities and communicate this information to appropriate team members throughout the Company on a timely basis.
* Provide support for DLP incidents or audits such as Sox, SSAE16, ISO, PCI, FedRamp.

What we are looking for

* Bachelor's degree in Information Security, Computer Science, Information Management Systems, or similar.
* 3-5 years of experience in IT Operations, IT Security, IT Audit, or similar; high-tech, global organization is preferred (minimum of 2 years' experience with DLP functions).
* A clear, concise, and professional communicator with the ability to present information and demonstrate knowledge to stakeholders at varying levels within the business. Ability to build rapport and gain support and trust from senior leaders and business stakeholders.
* Analytical and problem-solving skills, with the ability to interpret business requirements and arrive at well-constructed recommendations.
* Performs work with a high sense of urgency, and can prioritize based on business need. Agile and resilient in managing multiple projects with multiple sources of information under tight timelines.
* Experience with Data Loss Prevention (DLP) technology support and event handling.
* Advanced knowledge in DLP best practices and policies. (e.g. SANs, ISACA, ISC2).
* Experience integrating DLP solutions with multiple platforms including Windows, Unix, Database Platforms, etc.
* Experience with information protection and labeling.
* Experience with administration and integration of data discovery and classification tools.
* Experience with Indicators of Compromise (IOCs), Indicators of Activity (IOAs) and attack Tools, Techniques and Procedures (TTPs), under the ATT&CK framework.
* Understanding of Security incident containment and eradication strategies.
* Understanding of computer-related security systems including firewalls, IDS/IPS, encryption, and password protection and authentication.
* Good understanding of industry recognized Cybersecurity frameworks.

Nice to Have:

* CompTIA Security+ (CySA+), CISSP, CCSP, CCNA Security, CISM, or GIAC certifications preferred
* Understanding of relevant governance and control assessment frameworks and/or standards (e.g., NIST-CSF, FFIEC CAT, ISO 27000 Series, COBIT, COSO, SOC 1/2, FAIR, PCI-DSS, etc.) is preferred
* Experience with Sentinel or other Next-Gen SIEM Technologies will be preferred
* Knowledge of and experience working in cloud platforms (Security features), Microsoft Azure (Microsoft Purview), AWS, and Google are assets

#Intermediate #LI-EM1
			

Apply

Share this job:

Share this Job

View company profile

Kinaxis

Connect To Our Company