We are looking for a Senior Information Security Analyst to join our Data Loss Prevention team in the Technology Risk and CISO department. This role is vital in protecting our organization’s data by developing and executing DLP strategies. Responsibilities include configuring and managing DLP policies, ensuring compliance with organizational and
...
regulatory requirements, investigating DLP alerts, and collaborating with cross-functional teams to resolve potential data breaches. The candidate will also help develop and deliver Data Protection training to enhance organizational awareness and adherence to data security best practices. Staying updated with the latest DLP technology; the candidate will recommend improvements to our DLP infrastructure.
The ideal candidate will have experience in information security, particularly in DLP technology and systems, a strong understanding of data security principles, regulatory requirements, and industry best practices, proficiency in DLP tools and technologies, excellent analytical, problem-solving, effective communication and collaboration skills, and relevant certifications.
Advantages
The ideal candidate will have experience with Microsoft Purview, IRM and MDCA - This is a hybrid role with 3 days in office.
Responsibilities
What you will do:
Incident Response:
Follow the DLP incident response process, collaborating with stakeholders (HR, Privacy, Business Units) to investigate, contain, and remediate data loss incidents.
Develop and maintain DLP incident playbooks and ensure timely response to alerts.
Provide detailed analysis and reporting on data loss incidents, root causes, and corrective measures.
Conduct post-incident reviews and recommend improvements to prevent future incidents.
Design, Implementation, and Development:
Design and implement DLP policies to protect sensitive data across identified channels, aligning with business needs, regulatory requirements, and industry best practices.
Continuously improve and optimize DLP processes to enhance accuracy, reduce false positives, and improve efficiency.
Support the expansion of DLP capabilities into emerging technologies and egress channels.
Collaborate with Legal, Compliance, Risk, and other departments to ensure DLP policies align with regulatory requirements (e.g., GDPR, PIPEDA, PCI-DSS, HIPAA).
Evaluate and implement new DLP technologies, tools, and enhancements to strengthen data protection capabilities.
Stay current with industry trends, emerging threats, and new technologies to ensure the organization remains ahead of evolving data loss risks.
Regularly assess the effectiveness of DLP controls through testing, audits, and continuous monitoring.
Report identified DLP gaps and drive initiatives to close them.
Collaboration and Communication:
Work collaboratively with DLP team members, managers, and stakeholders to enhance teamwork and efficiency.
Prepare and present regular updates, metrics, and program status. Define, track, and report on key performance indicators (KPIs) to measure control effectiveness and risk posture.
Provide detailed reporting on DLP incidents, policy violations, and progress achieved.
Adhere to corporate workstyle policies, including a minimum of three days working from the office each week.
Training and Awareness:
Participate in developing and delivering DLP awareness and training programs to educate employees on data protection, acceptable use policies, and secure data handling practices.
Qualifications
What you will bring:
Bachelor’s degree from an accredited college or university or equivalent experience.
Minimum five years’ experience as an information technology professional with at least three of those in information security demonstrating the accountabilities as listed above.
In-depth knowledge of DLP technologies, frameworks, and platforms (specifically Microsoft Purview, IRM and MDCA).
Strong understanding of data classification, encryption, regulatory requirements, and standards.
Proven experience managing DLP incidents, governance forums, and program expansion initiatives.
Familiarity with cybersecurity frameworks such as NIST, ISO 27001, and CIS Controls.
Experience collaborating with cross-functional teams and senior stakeholders.
Exceptional analytical, problem-solving, and investigative skills.
Holds at least one information security certification or actively working towards at least one security certification (e.g. CISSP, CISM).
Excellent communicator including demonstrated presentation and negotiation skills.
Experience with security solutions for multi-tier cloud-based applications
Experience interpreting and consulting around meeting the requirements of the Information Security Policies and Standards for a large organization.
Working knowledge of IT Audit processes, including design of control test procedures.
Demonstrated ability to foster relationships and build trust.
Ability to work independently and deliver on commitments.
Strong analytical and problem-solving skills.
Experience in risk assessment methodologies.
Reliability Status security clearance - this is a personnel security status that is required before an employee can gain access to Protected B information, assets or work sites as outlined by the Government of Canada website
Summary
The ideal candidate will have experience with Microsoft Purview, IRM and MDCA
Randstad Canada is committed to fostering a workforce reflective of all peoples of Canada. As a result, we are committed to developing and implementing strategies to increase the equity, diversity and inclusion within the workplace by examining our internal policies, practices, and systems throughout the entire lifecycle of our workforce, including its recruitment, retention and advancement for all employees. In addition to our deep commitment to respecting human rights, we are dedicated to positive actions to affect change to ensure everyone has full participation in the workforce free from any barriers, systemic or otherwise, especially equity-seeking groups who are usually underrepresented in Canada's workforce, including those who identify as women or non-binary/gender non-conforming; Indigenous or Aboriginal Peoples; persons with disabilities (visible or invisible) and; members of visible minorities, racialized groups and the LGBTQ2+ community.
Randstad Canada is committed to creating and maintaining an inclusive and accessible workplace for all its candidates and employees by supporting their accessibility and accommodation needs throughout the employment lifecycle. We ask that all job applications please identify any accommodation requirements by sending an email to accessibility@randstad.ca to ensure their ability to fully participate in the interview process.
show more
We are looking for a Senior Information Security Analyst to join our Data Loss Prevention team in the Technology Risk and CISO department. This role is vital in protecting our organization’s data by developing and executing DLP strategies. Responsibilities include configuring and managing DLP policies, ensuring compliance with organizational and regulatory requirements, investigating DLP alerts, and collaborating with cross-functional teams to resolve potential data breaches. The candidate will also help develop and deliver Data Protection training to enhance organizational awareness and adherence to data security best practices. Staying updated with the latest DLP technology; the candidate will recommend improvements to our DLP infrastructure.
The ideal candidate will have experience in information security, particularly in DLP technology and systems, a strong understanding of data security principles, regulatory requirements, and industry best practices, proficiency in DLP tools and technologies, excellent analytical, problem-solving, effective communication and collaboration skills, and relevant certifications.
Advantages
...
The ideal candidate will have experience with Microsoft Purview, IRM and MDCA - This is a hybrid role with 3 days in office.
Responsibilities
What you will do:
Incident Response:
Follow the DLP incident response process, collaborating with stakeholders (HR, Privacy, Business Units) to investigate, contain, and remediate data loss incidents.
Develop and maintain DLP incident playbooks and ensure timely response to alerts.
Provide detailed analysis and reporting on data loss incidents, root causes, and corrective measures.
Conduct post-incident reviews and recommend improvements to prevent future incidents.
Design, Implementation, and Development:
Design and implement DLP policies to protect sensitive data across identified channels, aligning with business needs, regulatory requirements, and industry best practices.
Continuously improve and optimize DLP processes to enhance accuracy, reduce false positives, and improve efficiency.
Support the expansion of DLP capabilities into emerging technologies and egress channels.
Collaborate with Legal, Compliance, Risk, and other departments to ensure DLP policies align with regulatory requirements (e.g., GDPR, PIPEDA, PCI-DSS, HIPAA).
Evaluate and implement new DLP technologies, tools, and enhancements to strengthen data protection capabilities.
Stay current with industry trends, emerging threats, and new technologies to ensure the organization remains ahead of evolving data loss risks.
Regularly assess the effectiveness of DLP controls through testing, audits, and continuous monitoring.
Report identified DLP gaps and drive initiatives to close them.
Collaboration and Communication:
Work collaboratively with DLP team members, managers, and stakeholders to enhance teamwork and efficiency.
Prepare and present regular updates, metrics, and program status. Define, track, and report on key performance indicators (KPIs) to measure control effectiveness and risk posture.
Provide detailed reporting on DLP incidents, policy violations, and progress achieved.
Adhere to corporate workstyle policies, including a minimum of three days working from the office each week.
Training and Awareness:
Participate in developing and delivering DLP awareness and training programs to educate employees on data protection, acceptable use policies, and secure data handling practices.
Qualifications
What you will bring:
Bachelor’s degree from an accredited college or university or equivalent experience.
Minimum five years’ experience as an information technology professional with at least three of those in information security demonstrating the accountabilities as listed above.
In-depth knowledge of DLP technologies, frameworks, and platforms (specifically Microsoft Purview, IRM and MDCA).
Strong understanding of data classification, encryption, regulatory requirements, and standards.
Proven experience managing DLP incidents, governance forums, and program expansion initiatives.
Familiarity with cybersecurity frameworks such as NIST, ISO 27001, and CIS Controls.
Experience collaborating with cross-functional teams and senior stakeholders.
Exceptional analytical, problem-solving, and investigative skills.
Holds at least one information security certification or actively working towards at least one security certification (e.g. CISSP, CISM).
Excellent communicator including demonstrated presentation and negotiation skills.
Experience with security solutions for multi-tier cloud-based applications
Experience interpreting and consulting around meeting the requirements of the Information Security Policies and Standards for a large organization.
Working knowledge of IT Audit processes, including design of control test procedures.
Demonstrated ability to foster relationships and build trust.
Ability to work independently and deliver on commitments.
Strong analytical and problem-solving skills.
Experience in risk assessment methodologies.
Reliability Status security clearance - this is a personnel security status that is required before an employee can gain access to Protected B information, assets or work sites as outlined by the Government of Canada website
Summary
The ideal candidate will have experience with Microsoft Purview, IRM and MDCA
Randstad Canada is committed to fostering a workforce reflective of all peoples of Canada. As a result, we are committed to developing and implementing strategies to increase the equity, diversity and inclusion within the workplace by examining our internal policies, practices, and systems throughout the entire lifecycle of our workforce, including its recruitment, retention and advancement for all employees. In addition to our deep commitment to respecting human rights, we are dedicated to positive actions to affect change to ensure everyone has full participation in the workforce free from any barriers, systemic or otherwise, especially equity-seeking groups who are usually underrepresented in Canada's workforce, including those who identify as women or non-binary/gender non-conforming; Indigenous or Aboriginal Peoples; persons with disabilities (visible or invisible) and; members of visible minorities, racialized groups and the LGBTQ2+ community.
Randstad Canada is committed to creating and maintaining an inclusive and accessible workplace for all its candidates and employees by supporting their accessibility and accommodation needs throughout the employment lifecycle. We ask that all job applications please identify any accommodation requirements by sending an email to accessibility@randstad.ca to ensure their ability to fully participate in the interview process.
show more