Senior Information Security Analyst

D2L


Job Location:

Kitchener - Canada

Monthly Salary: Not Disclosed
Posted on: 3 days ago
Vacancies: 1 Vacancy

Job Summary

D2L is a cloud company that is modernizing education and building the Future of Work. The old models of teaching and learning are in the midst of the largest transformation in history and D2L is at the heart of that fundamental shift.

New models of teaching and learning enable a personalized student-centric experience and deliverimproved retention engagement satisfaction and results for learners of all ages in schools campuses and companies.

D2L is disrupting the way the world learns by providing the next generation learning environment and solutions to engage and inspire learners. And most importantly by giving customers a platform that is easy flexible and other company provides a solution as robust and innovative as D2L.

D2L has had a singular mission for 25 years and is dedicated to that same mission in the years ahead: to transform the way the world learns and by doing so we will help improve human potential globally.

Every application we receive is personally reviewed by a member of our Talent Acquisition team - yes a real person looks at your resume! While we use AI tools internally to streamline tasks like meeting notes summaries and administrative work these tools never rank resumes make hiring decisions or influence candidate evaluations.


AsSenior Information SecurityAnalystat D2L you are a key influencer and contributor to the refinement and delivery of D2LsInformation SecurityProgram.

How will I make an Impact

  • Assistin refining and delivering D2LsInformation Security Program with particular focus on endpoints applications and the underlying infrastructure.
  • Perform regular application/infrastructure security scans generate reports and liaise with related stakeholders to work towards closing open issues.
  • Liaise with operational teams on existing and emerging information security risks and provide subject matterexpertise.
  • Monitor/track information security risks and related artifacts throughout their lifecycle.
  • Support the Information Security Continuous Monitoring Program(s) aligned with specific security compliance programs.
  • Support the product sales cycle by completing security questionnaires from prospective clients.
  • Collaborate with internal subject matter experts to collate review andsubmitperiodic security questionnaires from D2Ls client.
  • Support internal D2L teams during security assessments/reviews/audits.
  • Review independent third-party reports from vendors suppliers and partners for adequacy and alignment with D2Ls Information Security Program.
  • Trackidentifiedgaps from third party assessments and follow up with stakeholders to close outstanding issues.

What youll bring to the role:

Competencies:

  • Ability to thinkcritically
  • Ability to engage process owners and explainsecuritycontrols associated withprocesses
  • Abilityto breakdown complex technical conceptsto simple terms forvarious levels of stakeholders
  • Ability toachieve outcomeswith minimal supervision.
  • Ability to learn fast and synthesizeinformation fromdifferent domains and sources.
  • Ability to work well with teams within a matrix structure and operational setting

Skills

  • Sound knowledge ofStatic Application Security Testing (SAST) Dynamic Application Security Testing (DAST)andSoftware Composition Analysis (SCA).
  • Soundknowledge of public cloudinfrastructure
  • Practical knowledge of implementing security controls inpubliccloud deployments/workloads
  • Practical knowledge ofGovernance Risk and Compliance (GRC) tools
  • Practical knowledge of infrastructure and applicationsecurityscanning tools
  • Deep understanding of vulnerability management and penetration testing
  • Acumen with Artificial Intelligence tools
  • Sound knowledge of risk managementframework and standards
  • Soundknowledge ofInformation Security frameworks and standardsincluding ISO 27001 NIST800-53etc.

Suggested Qualifications/Experience:

  • You haveprevioushands-on experience implementing information security controls across a wide range of domains including Endpoint Security Application Security and Infrastructure Security.
  • You have hands-on experience with public cloud services like Amazon Web Services (AWS)Azureetc.
  • You have hands-on experience performing vulnerability assessments and penetration tests.
  • You havedemonstrableexperienceworking with teams that have implemented security controls based onISO 27001/NIST 800-53 CSAE 3416/SSAE18SOC1/2/3.
  • You have experience using enterprise-grade governance risk and compliance (GRC) tools.
  • You have experienceassessing security control implementations onlarge enterprise webscaleand serverless environments.
  • You have experience engaging stakeholderin remediating security-related findings
  • You have experience supporting an auditexercise by generating security-related evidence

This position is to fill an existing vacancy

D2L operates in a hybrid work style with expectation of 3 days per week in office.


Required Experience:

Senior IC

D2L is a cloud company that is modernizing education and building the Future of Work. The old models of teaching and learning are in the midst of the largest transformation in history and D2L is at the heart of that fundamental shift.New models of teaching and learning enable a personalized student-...

About Company

Company Logo

Created by D2L, Brightspace is the best LMS software for online learning and teaching. Discover how our online learning platform for schools and companies can help your organization today.

View Profile View Profile