IT Security Analyst Job at Hexagon in Calgary, AB
We have an immediate full time opening for an IT Security Analyst to work as part of the Hexagon Corporate team. Reporting to the Hexagon Group Information Security Officer, this role will work with all Hexagon Divisions as well as at the group level to design, build and implement tools and processes that deliver the organizations Information Security strategy. The role will require close working with non-IT functional business teams as well as interaction with the IT groups and expert teams (i.e. Chief Technology Office, Data Strategy and Governance, Office 365 and SharePoint) across the company. Some international travel will be required.
This position is located in the Hexagon Calgary Campus, which opened in September 2018. In this state-of-the-art location, we offer a casual and innovative work environment, including leading edge technology, on-site gymnasium, dedicated bike storage room, and underground parking.
The IT Security Analyst will be responsible for:
Defining and implementing security projects at the Hexagon Corporate level.
Supporting implementation of security projects within Hexagon divisions.
Supporting Data Protection program delivery.
Working closely with Incident Response teams to classify and remediate issues. Communicate progress of incidents through defined business channels.
Creation and maintenance of group level security policy documents.
Assessing existing security controls to identify gaps and provide remediation recommendations.
Liaising with external vendors and contractors to ensure projects are delivered to time, quality and budget constraints.
Working with marketing to update internal web site to ensure security related content is relevant and consumable.
Supporting Security Awareness Program delivery.
Responding to security related questions from across the business.
Degree in Information Security / Computer Science or related subject.
5+ years working in an Information Security role.
Knowledge of Information Security frameworks (NIST SP 800-171, ISO27001, CIS etc.).
Experience of cloud security primarily Azure but also AWS hosted environments.
Working knowledge of privacy principles (i.e. GDPR, CCPA, PIPEDA etc.).
Proven project delivery skills (i.e. defining scope, project plan and schedule, constraints, risks and managing control) and working with diverse teams.
Foundation level security course from ISC2, GIAC, EC-Council, ISACA or equivalent.
Strong knowledge of Office 365 tools for collaboration.
Able to travel internationally (approximately 20-30%).
Key Success Factors:
Excellent interpersonal skills.
Succinct oral and written communication skills as it relates to presenting and relaying information to various audiences.
Ability to work as part of distributed teams as well as on individual projects.
Proven track record in enterprise security implementations.
Strong desire for continuous learning.
Understanding of risk management and its application to security.
CISSP/CISM/CISA/CRISC would be advantageous or evidence to show actively working towards these.
Some experience of working closely with senior leadership positions would be beneficial.
Experience of working in an international technology organization.
Broad knowledge of security vendor landscape.
About the Company
Company Location: Calgary, AB