ZipRecruiter

Log In

Senior Information Security Analyst

Payworks Inc.

Winnipeg, MB • Hybrid

Full-time

Medical, Retirement, PTO

Posted 14 days ago

Job description

Doing business to business, person to person. Payworks is a leading workforce management solutions provider and multi-year winner of the Canada's Best Managed Companies program. We are proudly Canadian as well as committed to developing world-class products and providing a progressive workplace culture where Doing Right by People is our purpose.

With clients of all sizes and more than 600 employees, we currently have an exciting opportunity on our IT Security team for the right candidate. Because when it comes to great people, there's always room for one more.  

DOING RIGHT BY PEOPLE - IT'S WHAT WE DO

Reporting to the Senior Manager, Information Security, the Senior Information Security Analyst will be responsible for using an analytical thought process and sound judgment in executing daily analyst activities. Leveraging industry leading security technologies, this role is the first line of defense against information security threats. You will be responsible for identifying and immediately responding to such risks with a strong attention to detail and technical/investigative mindset. This will include the monitoring of Payworks IT infrastructure and associated alerts as well as responding to tickets and other requests from outside the Corporate Security Team.

WHY YOU SHOULD CHOOSE PAYWORKS 
  • Comprehensive employer paid benefits, including a Health Spending Account, for you and your family and excellent pension plan with employer contributions.
  • Plenty of professional development opportunities.
  • Community-minded culture - Receive two paid days per year to volunteer and lots of opportunity to "Pay it Forward".
  • Time and flexibility to meet your needs - Hybrid work model with flexible work options, plus 3 weeks vacation to start, flex time and parental leave benefits.
  • Cool perks - Annual Lifestyle Spending Account, fun office environment and events, and more! 
PROTECT. DETECT. RESPOND - IT'S WHAT YOU'LL DO 
  • Monitor & respond - Provide second-level support to the Security Operations Centre (SOC) team. Respond to security-related incident tickets, events, and identified vulnerabilities in a timely manner to reduce organizational impact.
  • Assess & mitigate risk - Identify and assess security risks to the organization and develop strategies to mitigate them. Stay current on emerging security trends, global events, AI and ML security developments, and apply this knowledge to enhance Payworks' security measures.
  • Architect & control access - Ensure Payworks projects, assets, and infrastructure align with established security architectures and standards. Manage user access and permissions including role-based access control (RBAC), and regularly audit user accounts.
  • Lead incident response - Develop and maintain incident response plans and coordinate investigations to mitigate security breaches. Oversee and participate in regular tabletop exercises with both the security department and other business departments.
  • Deploy & manage security tools - Evaluate, deploy, and manage security technologies including firewalls, IDS/IPS, anti-malware, email security, web application firewalls, identity management, and EDR/XDR solutions.
  • Audit & report - Conduct security audits to ensure compliance with SOC1, SOC2, ISO 27001, and NIST. Develop and update security policies and procedures. Prepare and present regular reports on the organization's security posture, incidents, and trends to management and stakeholders.
  • Build security culture - Conduct and manage security awareness training for employees across the organization. Perform third-party risk assessments including managing and maintaining related tools and technology.  
WHAT YOU'LL NEED TO SUCCEED
  • University or College degree in IT Security or a related field.
  • 5+ years of experience in security operations roles, including security event triage, incident response, forensic analysis, and vulnerability management.
  • Strong understanding of network communications, common protocols and services, and security implementation best practices.
  • Solid grasp of security-by-design principles, security engineering and architecture.
  • Excels at communicating complex security topics effectively to different audiences, including non-technical stakeholders.
  • Strong analytical, organizational, and documentation skills.
  • A team player who shares experience and technical knowledge with peers and across the organization.

  BONUS SKILL SET

  • Experience with scripting tools or languages such as PowerShell or RegEx considered an asset.
  • Cloud infrastructure and/or cloud security experience considered an asset.
  • Knowledge of AI/ML security risks and governance frameworks, including experience assessing risks associated with AI system adoption such as data privacy concerns, model integrity threats, third-party AI dependencies, and compliance implications.
  • Experience with any of the following vendors, tools or products considered an asset: LogRhythm, Tcpdump, Wireshark, Palo Alto Networks Firewalls, PaloAlto Cortex XDR, Cisco DUO, BeyondTrust, BitSight, OneTrust, Nessus, Synopsis WhiteHat DAST, Burp Suite, Rapid7, Proofpoint, Netscaler Web Application Firewalls.
  • Certifications from SANS, ISC2, ISACA, Offensive Security, CompTIA, EC-Council, or CISCO considered an asset.   
We are proud to support a Flexible Work Plan that recognizes the diverse needs and lifestyles of our people. The Senior Information Security Analyst has the option to work fully from the Payworks head office in Winnipeg or on a hybrid work model, working in the office at least three (3) days a week. This role may require participation in an on-call rotation for after-hours support, including evenings, weekends, and holidays, as needed.

Payworks is committed to providing an inclusive, accessible environment, and collaborating with employees, clients and guests to identify and effectively remove barriers, in a manner that respects the principles of independence, dignity, integration, reasonable accommodation and equal opportunity. Payworks welcomes and encourages applications from all persons. Individuals applying for employment with Payworks may request accommodations at all stages of recruitment and employment from Human Resources.

Employees at Payworks' come from different backgrounds, and we celebrate those differences. We are looking for the best candidate for this opportunity, but do not expect applicants to meet every qualification in order to be considered.

Payworks does not use artificial intelligence (AI) technologies in the screening, assessment, or selection of applicants at any stage of the hiring process.

This posting is for an existing vacancy within our team.

    Employment Type: FULL_TIME

    Apply

    Most Popular Jobs Similar to Senior Information Security Analyst

    Other Helpful Pages Related To Senior Information Security Analyst

    Frequently asked questions

    Q: What skills or qualities help someone succeed as a Senior Information Security Analyst?

    A: To succeed as a Senior Information Security Analyst, key technical skills include expertise in threat analysis, vulnerability assessment, and penetration testing, as well as proficiency in security frameworks and compliance regulations such as NIST, HIPAA, or PCI-DSS. Soft skills that contribute to success in this role include strong communication and collaboration skills, the ability to analyze complex security issues and provide actionable recommendations, and a proactive approach to staying up-to-date with emerging security threats and technologies. These strengths enable Senior Information Security Analysts to effectively lead security teams, develop and implement robust security strategies, and drive business growth by mitigating security risks and ensuring compliance.

    Q: What is the career path for a Senior Information Security Analyst?

    A: A Senior Information Security Analyst typically follows a career progression from entry-level roles such as Information Security Analyst or Junior Security Specialist, to mid-level positions like Security Consultant or Information Security Manager, and eventually to senior roles like Senior Information Security Analyst or Chief Information Security Officer (CISO). Key opportunities for skill development and professional growth in this role include staying up-to-date with emerging threats and technologies, developing expertise in areas like compliance, risk management, and incident response, and obtaining certifications like CISSP or CISM. Long-term career prospects for Senior Information Security Analysts may include leadership positions like CISO, or specialized roles like Security Architect or Information Security Consultant, offering opportunities to shape organizational security strategies and drive industry-wide best practices.

    All JobsInformation Security Analyst JobsSenior Information Security Analyst Jobs
    Payworks Inc. job posting for a Senior Information Security Analyst in Winnipeg, MB and benefits including Medical, PTO, and Retirement with a map of Winnipeg location.