Synopsis of the role As our IT Security Analyst, This role requires a motivated self-starter. Someone who has strong analytical and problem-solving skills, a deep understanding of risk and compliance management principles, excellent communication and report-writing abilities, and knowledge of industry-specific regulations, standards, and frameworks. You are passionate about security and believe in due diligence. Responsibilities include but are not limited to: What you’ll do You will be identifying, analyzing, remediating, and reporting on vulnerabilities data across Equifax Canada infrastructure. Responsible for conducting penetration tests and coordinating with teams on remediation plans. Assessing and validating security controls and suggesting adequate compensating controls to identified vulnerabilities and/or control gaps. Engaging stakeholders to drive remediation of application and infrastructure vulnerabilities. Take a proactive and risk-based approach to identifying and addressing defects in order to protect systems, networks, and data from cyber-attacks. Assist in tracking and improving the security posture and incident response engagements Assist in Asset management and compliance reporting on overall Equifax canada infrastructure. Create and support vulnerability and asset health metrics, remediation-related dashboards, and reports. Work with Internal and External Audit functions to facilitate information gathering and reporting. Support evidence collection with regards to various security compliance frameworks including NIST, PCI-DSS, ISO 27001, and SOC assessments What experience you need Minimum 5+ years in security and 2+ years of hands-on experience with the design, implementation, operation of a vulnerability management program and strong application security background. Good understanding of technical security controls, secure coding standards and Hands-on experience with cloud such as GCP and AWS. Strong understanding of PKI, encryption standards, Microservices architectures, Kubernetes security. Providing recommendations to the Information Security Officer on the risks posture that are related to the Equifax Canada environment. Experience with ServiceNow or other reporting platform tools including creating workflows, dashboard creation, and optimization. Experience with enterprise vulnerability management tools, SAST and DAST. Expert in ability to communicate to advanced Technical teams as well as brief management on technical risks and issues Exposure to audits like PCI, SOC, ISO 27001 Familiarity with common security frameworks NIST, COBIT, ITIL, ISO Proactive, detail oriented and able to work independently and efficiently Pays attention to team needs and pivots his/ her approaches accordingly to support the delivery of business value. What could set you apart Passionate about Cybersecurity. Bilingual ( french language is an asset) Previous experience working in cyber security and vulnerability management at a large company Primary Location: CAN-Toronto-5700 Yonge Function: Function - Security Governance and Compliance Schedule: Full time At Equifax, we believe knowledge drives progress. As a global data, analytics and technology company, we play an essential role in the global economy by helping employers, employees, financial institutions and government agencies make critical decisions with greater confidence. We work to help create seamless and positive experiences during life’s pivotal moments: applying for jobs or a mortgage, financing an education or buying a car. Our impact is real and to accomplish our goals we focus on nurturing our people for career advancement and their learning and development, supporting our next generation of leaders, maintaining an inclusive and diverse work environment, and regularly engaging and recognizing our employees. Regardless of location or role, the individual and collective work of our employees makes a difference and we are looking for talented team players to join us as we help people live their financial best. Equifax is an Equal Opportunity employer, and qualified applicants will receive consideration for employment without regard to race, color, religion, ancestry, age, sex/gender, sexual orientation, gender identity or expression, service in the Armed Forces, protected veteran status, national origin, physical or mental disability, genetic information, citizenship status or any other status protected by law. For US Applicants If you'd like more information on your EEO rights under the law, please view our EEO is the Law Declarations, and Nondiscrimination Provision. If you need a reasonable accommodation to assist with your job search or applicant for employment, please contact us by sending an email to GTA@equifax.com. In your email, please include a description of the specific accommodation you are requesting and a description of the position for which you are applying. Equifax participates in E-Verify and Right to Work (English and Spanish).
