We are seeking a highly skilled and experienced Senior Information Security Analyst to join our team in the Technology Risk and CISO department. This role will primarily focus on maintaining the integrity and confidentiality of our organization’s data by leading the development and execution of Data Loss Prevention strategies, which includes con
...
figuring and managing DLP systems to monitor and prevent unauthorized data movements across endpoints, networks, and cloud platforms. The candidate will handle incident response by investigating alerts, determining the scope and impact of potential data breaches, and coordinating with various teams for resolution. Additionally, the candidate will develop and refine data security policies, provide training to increase organizational awareness, and stay updated with the latest in DLP technology to recommend advancements or modifications to our security infrastructure.
Advantages
Reliability Status Security Clearance – this can only be completed with candidates who receive an offer of employment. This is a personal security status that is required as a condition of employment before an employee can gain access to Protected B information, assets or work sites as outlined by the Government of Canada website. The cost of submitting these checks will be covered by our client
Responsibilities
What you will do:
Design and Implementation:
Design, implement, and manage the end-to-end DLP control to protect sensitive data across endpoints, cloud, email, network, and mobile environments according to identified requirements, developed milestones, and approved program.
Develop and expand DLP policies, rules, and controls to align with evolving business needs, regulatory requirements, and industry best practices.
Continuously improve and optimize DLP processes to enhance accuracy, reduce false positives, and improve efficiency.
Support the expansion of DLP capabilities into emerging technologies, and egress channels.
Incident Response:
Follow the DLP incident response process, collaborating with all stakeholders (i.e., HR, Privacy, and Business Units) to investigate, contain, and remediate data loss incidents.
Develop and maintain DLP incident playbooks and ensure timely response to alerts.
Provide detailed analysis and reporting on data loss incidents, root causes, and corrective measures.
Conduct post-incident reviews and recommend improvements to prevent future incidents.
Policy Development and Enforcement:
Establish, enforce, and regularly review DLP policies, standards, and guidelines to ensure comprehensive coverage of sensitive data across the organization.
Collaborate with Legal, Compliance, Risk, and other departments to ensure DLP policies align with regulatory requirements (e.g., GDPR, PIPEDA, PCI-DSS, HIPAA) and industry frameworks.
Develop tailored DLP policies for business units based on specific data classification and operational needs.
Collaboration and Communication:
Define, track, and report on key performance indicators (KPIs) and other DLP metrics to measure control effectiveness and risk posture.
Provide detailed reporting on DLP incidents, policy violations, and achieved progress.
Training and Awareness:
Develop and deliver DLP awareness and training programs to educate employees on the importance of data protection, acceptable use policies, and secure data handling practices.
Promote a culture of data security awareness across the organization through regular communications and engagement activities.
Innovation and Continuous Improvement:
Evaluate and implement new DLP technologies, tools, and enhancements to strengthen data protection capabilities.
Stay current with industry trends, emerging threats, and new technologies to ensure the organization remains ahead of evolving data loss risks.
Regularly assess the effectiveness of DLP controls through testing, audits, and continuous monitoring.
Report identified DLP gaps and drive initiatives to close them.
Qualifications
What you will bring:
Bachelor’s degree from an accredited college or university or equivalent experience.
Minimum five years’ experience as an information technology professional with at least three of those in information security demonstrating the accountabilities as listed above.
Deep knowledge of Data Loss Prevention (DLP) technologies, frameworks, and platforms—particularly Microsoft Purview, Microsoft Defender for Cloud Apps, and Microsoft Defender for Endpoint.
Proven experience implementing and managing solutions for Data Loss Prevention, Insider Risk Management, Data Security Posture Management, and Conditional Access.
Strong understanding of data classification, encryption, regulatory requirements, and standards.
Proven experience managing DLP incidents, governance forums, and program expansion initiatives.
Familiarity with cybersecurity frameworks such as NIST, ISO 27001, and CIS Controls.
Experience collaborating with cross-functional teams and senior stakeholders.
Exceptional analytical, problem-solving, and investigative skills.
Holds at least one information security certification or actively working towards at least one security certification (e.g. CISSP, CISM).
Excellent communicator including demonstrated presentation and negotiation skills.
Experience with security solutions for multi-tier cloud-based applications
Experience interpreting and consulting around meeting the requirements of the Information Security Policies and Standards for a large organization.
Working knowledge of IT Audit processes, including design of control test procedures.
Demonstrated ability to foster relationships and build trust.
Ability to work independently and deliver on commitments.
Strong analytical and problem-solving skills.
Experience in risk assessment methodologies.
Summary
Reliability Status Security Clearance – this can only be completed with candidates who receive an offer of employment. This is a personal security status that is required as a condition of employment before an employee can gain access to Protected B information, assets or work sites as outlined by the Government of Canada website. The cost of submitting these checks will be covered by Our client.
Randstad Canada is committed to fostering a workforce reflective of all peoples of Canada. As a result, we are committed to developing and implementing strategies to increase the equity, diversity and inclusion within the workplace by examining our internal policies, practices, and systems throughout the entire lifecycle of our workforce, including its recruitment, retention and advancement for all employees. In addition to our deep commitment to respecting human rights, we are dedicated to positive actions to affect change to ensure everyone has full participation in the workforce free from any barriers, systemic or otherwise, especially equity-seeking groups who are usually underrepresented in Canada's workforce, including those who identify as women or non-binary/gender non-conforming; Indigenous or Aboriginal Peoples; persons with disabilities (visible or invisible) and; members of visible minorities, racialized groups and the LGBTQ2+ community.
Randstad Canada is committed to creating and maintaining an inclusive and accessible workplace for all its candidates and employees by supporting their accessibility and accommodation needs throughout the employment lifecycle. We ask that all job applications please identify any accommodation requirements by sending an email to accessibility@randstad.ca to ensure their ability to fully participate in the interview process.
This posting is for existing and upcoming vacancies.
show more
We are seeking a highly skilled and experienced Senior Information Security Analyst to join our team in the Technology Risk and CISO department. This role will primarily focus on maintaining the integrity and confidentiality of our organization’s data by leading the development and execution of Data Loss Prevention strategies, which includes configuring and managing DLP systems to monitor and prevent unauthorized data movements across endpoints, networks, and cloud platforms. The candidate will handle incident response by investigating alerts, determining the scope and impact of potential data breaches, and coordinating with various teams for resolution. Additionally, the candidate will develop and refine data security policies, provide training to increase organizational awareness, and stay updated with the latest in DLP technology to recommend advancements or modifications to our security infrastructure.
Advantages
Reliability Status Security Clearance – this can only be completed with candidates who receive an offer of employment. This is a personal security status that is required as a condition of employment before an employee can gain access to Protected B information, assets or work sites as outlined by the Government of Canada website. The cost of submitting these checks will be covered by our client
...
Responsibilities
What you will do:
Design and Implementation:
Design, implement, and manage the end-to-end DLP control to protect sensitive data across endpoints, cloud, email, network, and mobile environments according to identified requirements, developed milestones, and approved program.
Develop and expand DLP policies, rules, and controls to align with evolving business needs, regulatory requirements, and industry best practices.
Continuously improve and optimize DLP processes to enhance accuracy, reduce false positives, and improve efficiency.
Support the expansion of DLP capabilities into emerging technologies, and egress channels.
Incident Response:
Follow the DLP incident response process, collaborating with all stakeholders (i.e., HR, Privacy, and Business Units) to investigate, contain, and remediate data loss incidents.
Develop and maintain DLP incident playbooks and ensure timely response to alerts.
Provide detailed analysis and reporting on data loss incidents, root causes, and corrective measures.
Conduct post-incident reviews and recommend improvements to prevent future incidents.
Policy Development and Enforcement:
Establish, enforce, and regularly review DLP policies, standards, and guidelines to ensure comprehensive coverage of sensitive data across the organization.
Collaborate with Legal, Compliance, Risk, and other departments to ensure DLP policies align with regulatory requirements (e.g., GDPR, PIPEDA, PCI-DSS, HIPAA) and industry frameworks.
Develop tailored DLP policies for business units based on specific data classification and operational needs.
Collaboration and Communication:
Define, track, and report on key performance indicators (KPIs) and other DLP metrics to measure control effectiveness and risk posture.
Provide detailed reporting on DLP incidents, policy violations, and achieved progress.
Training and Awareness:
Develop and deliver DLP awareness and training programs to educate employees on the importance of data protection, acceptable use policies, and secure data handling practices.
Promote a culture of data security awareness across the organization through regular communications and engagement activities.
Innovation and Continuous Improvement:
Evaluate and implement new DLP technologies, tools, and enhancements to strengthen data protection capabilities.
Stay current with industry trends, emerging threats, and new technologies to ensure the organization remains ahead of evolving data loss risks.
Regularly assess the effectiveness of DLP controls through testing, audits, and continuous monitoring.
Report identified DLP gaps and drive initiatives to close them.
Qualifications
What you will bring:
Bachelor’s degree from an accredited college or university or equivalent experience.
Minimum five years’ experience as an information technology professional with at least three of those in information security demonstrating the accountabilities as listed above.
Deep knowledge of Data Loss Prevention (DLP) technologies, frameworks, and platforms—particularly Microsoft Purview, Microsoft Defender for Cloud Apps, and Microsoft Defender for Endpoint.
Proven experience implementing and managing solutions for Data Loss Prevention, Insider Risk Management, Data Security Posture Management, and Conditional Access.
Strong understanding of data classification, encryption, regulatory requirements, and standards.
Proven experience managing DLP incidents, governance forums, and program expansion initiatives.
Familiarity with cybersecurity frameworks such as NIST, ISO 27001, and CIS Controls.
Experience collaborating with cross-functional teams and senior stakeholders.
Exceptional analytical, problem-solving, and investigative skills.
Holds at least one information security certification or actively working towards at least one security certification (e.g. CISSP, CISM).
Excellent communicator including demonstrated presentation and negotiation skills.
Experience with security solutions for multi-tier cloud-based applications
Experience interpreting and consulting around meeting the requirements of the Information Security Policies and Standards for a large organization.
Working knowledge of IT Audit processes, including design of control test procedures.
Demonstrated ability to foster relationships and build trust.
Ability to work independently and deliver on commitments.
Strong analytical and problem-solving skills.
Experience in risk assessment methodologies.
Summary
Reliability Status Security Clearance – this can only be completed with candidates who receive an offer of employment. This is a personal security status that is required as a condition of employment before an employee can gain access to Protected B information, assets or work sites as outlined by the Government of Canada website. The cost of submitting these checks will be covered by Our client.
Randstad Canada is committed to fostering a workforce reflective of all peoples of Canada. As a result, we are committed to developing and implementing strategies to increase the equity, diversity and inclusion within the workplace by examining our internal policies, practices, and systems throughout the entire lifecycle of our workforce, including its recruitment, retention and advancement for all employees. In addition to our deep commitment to respecting human rights, we are dedicated to positive actions to affect change to ensure everyone has full participation in the workforce free from any barriers, systemic or otherwise, especially equity-seeking groups who are usually underrepresented in Canada's workforce, including those who identify as women or non-binary/gender non-conforming; Indigenous or Aboriginal Peoples; persons with disabilities (visible or invisible) and; members of visible minorities, racialized groups and the LGBTQ2+ community.
Randstad Canada is committed to creating and maintaining an inclusive and accessible workplace for all its candidates and employees by supporting their accessibility and accommodation needs throughout the employment lifecycle. We ask that all job applications please identify any accommodation requirements by sending an email to accessibility@randstad.ca to ensure their ability to fully participate in the interview process.
This posting is for existing and upcoming vacancies.
show more
