Passer au contenu principal

Information Technology Security Analyst

A7405986

Synopsis of the role

As our IT Security Analyst, this role requires a motivated self-starter. Someone who has strong analytical and problem-solving skills, a deep understanding of risk and compliance management principles, excellent communication and report-writing abilities, and knowledge of industry-specific regulations, standards, and frameworks. You are passionate about security and believe in due diligence. Responsibilities include but are not limited to.

What you’ll do

  • Proactively identify and address system, network, and data to prevent cyber-attacks.

  • Developing and executing formal web application and API security testing plan. Involved in test planning, preparation and communication with the development team prior to security test execution. 

  • Assess and validate security controls, while suggesting compensating controls to address vulnerabilities and control gaps.

  • Collaborate with stakeholders to remediate application and infrastructure vulnerabilities.

  • Conduct vulnerability penetration tests and security controls risk assessments.

  • Facilitate information gathering and reporting for Internal and External Audit functions.

  • Providing recommendations to the Technology Information Security Officer on the risks posture that are related to the Equifax Canada environment.

  • Partnering with Technology on security engagements by opening front door requests and collecting evidence for projects.

  • Support evidence collection for various security compliance frameworks, including NIST, PCI-DSS, ISO 27001, and SOC assessments.

What experience you need

  • Minimum 4+ years in security and 2+ years of experience with the Risk assessment, application security and cloud security.

  • 3+ years experience in penetration testing and ethical hacking, including web applications, API testing and cloud environments.

  • Proficiency in web application security tool and frameworks including but not limited to BurpSuite, OWASP top 10 and secure coding practices across development languages.

  • Good understanding of technical security controls, secure coding standards and Hands-on experience with cloud such as GCP and AWS.

  • Strong understanding of PKI, encryption standards, Microservices architectures, Kubernetes security.

  • Experience with ServiceNow, Jira, and/or other reporting platform tools including creating workflows, dashboard creation, and optimization.

  • Pays attention to team needs and pivots his/ her approaches accordingly to support the delivery of business value.

  • Expert in ability to communicate to advanced Technical teams as well as brief management on technical risks and issues

  • Exposure to audits like PCI, SOC, ISO 27001 and familiarity with common security frameworks NIST, COBIT, ITIL, ISO

  • Proactive, detail oriented and able to work independently and efficiently

What could set you apart


  • Passionate about Cybersecurity.

  • Demonstrate passion continuous learning

  • Bilingual ( french language is an asset)

  • Previous experience working in cyber security and risk management at a large company

  • Hold relevant industry certifications in OSCP,OSCE or CEH.

We offer comprehensive compensation and healthcare packages, paid time off, and organizational growth potential through our online learning platform with guided career tracks.

Travailler chez Equifax 

Nous croyons en une mentalité de croissance. Chez Equifax, cela comprend offrir à nos employés des occasions de donner le meilleur d’eux-mêmes et d’acquérir de nouvelles compétences en cours de route pour inspirer et bâtir des carrières épanouissantes.

 

DSC 3122 Edit

Joignez-vous à notre communauté de talents

En savoir plus sur les possibilités de carrière et les événements à venir chez Equifax

S’inscrire