Cybersecurity Analyst safeguarding digital environment for Vibrant Ingredients. Monitoring security threats while supporting enterprise security program.
About the role
- Senior Information Security Analyst focused on Data Loss Prevention strategies for protecting organizational data integrity and confidentiality. Collaborating across teams to enhance data security practices within Canada Life.
Responsibilities
- Design, implement, and manage the end-to-end DLP control to protect sensitive data across endpoints, cloud, email, network, and mobile environments according to identified requirements, developed milestones, and approved program.
- Develop and expand DLP policies, rules, and controls to align with evolving business needs, regulatory requirements, and industry best practices.
- Continuously improve and optimize DLP processes to enhance accuracy, reduce false positives, and improve efficiency.
- Support the expansion of DLP capabilities into emerging technologies, and egress channels.
- Follow the DLP incident response process, collaborating with all stakeholders (i.e., HR, Privacy, and Business Units) to investigate, contain, and remediate data loss incidents.
- Develop and maintain DLP incident playbooks and ensure timely response to alerts.
- Provide detailed analysis and reporting on data loss incidents, root causes, and corrective measures.
- Conduct post-incident reviews and recommend improvements to prevent future incidents.
- Establish, enforce, and regularly review DLP policies, standards, and guidelines to ensure comprehensive coverage of sensitive data across the organization.
- Collaborate with Legal, Compliance, Risk, and other departments to ensure DLP policies align with regulatory requirements (e.g., GDPR, PIPEDA, PCI-DSS, HIPAA) and industry frameworks.
- Define, track, and report on key performance indicators (KPIs) and other DLP metrics to measure control effectiveness and risk posture.
- Develop and deliver DLP awareness and training programs to educate employees on the importance of data protection, acceptable use policies, and secure data handling practices.
- Evaluate and implement new DLP technologies, tools, and enhancements to strengthen data protection capabilities.
- Regularly assess the effectiveness of DLP controls through testing, audits, and continuous monitoring. Report identified DLP gaps and drive initiatives to close them.
Requirements
- Bachelor’s degree from an accredited college or university or equivalent experience.
- Minimum five years’ experience as an information technology professional with at least three of those in information security demonstrating the accountabilities as listed above.
- Deep knowledge of Data Loss Prevention (DLP) technologies, frameworks, and platforms—particularly Microsoft Purview , Microsoft Defender for Cloud Apps , and Microsoft Defender for Endpoint .
- Proven experience implementing and managing solutions for Data Loss Prevention , Insider Risk Management , Data Security Posture Management , and Conditional Access .
- Strong understanding of data classification, encryption, regulatory requirements, and standards.
- Proven experience managing DLP incidents, governance forums, and program expansion initiatives.
- Familiarity with cybersecurity frameworks such as NIST, ISO 27001, and CIS Controls.
- Experience collaborating with cross-functional teams and senior stakeholders.
- Exceptional analytical, problem-solving, and investigative skills.
- Holds at least one information security certification or actively working towards at least one security certification (e.g. CISSP, CISM).
Benefits
- Health insurance
- Retirement plans
- Paid time off
- Flexible work arrangements
- Professional development opportunities
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Information Security Analyst managing risk and compliance controls at USAA. Collaborating with key stakeholders to enhance information security and regulatory compliance processes.
Security Analyst managing security and compliance programs for fintech startup. Ensuring policies and evidence stay organized and collaborate with Head of Security for execution.
IT Security Analyst overseeing internal audits, security assessments, and compliance for CMC’s IT operations. Engaging in risk management and policy development while collaborating with cross - functional teams.
Specialist in PingFederate, PingDirectory and PingID for IAM infrastructure management. Collaborating with teams for stable operation and development in Cotia.
Cyber Security Analyst in the Core IP/DDoS Security team at Vodafone. Ensuring real - time threat mitigation and incident response for DDoS attacks.
Senior Security Analyst developing and implementing security strategies for logistics operations. Focus on risk assessment, staff training, and policy compliance.
Security Analyst managing vulnerability management for PostFinance. Overseeing patching and security issues to ensure system stability.
IT Security Analyst supporting the Supreme Court of Nevada in safeguarding judicial information systems. Implementing security controls, maintaining compliance, and conducting security assessments in a collaborative environment.
Information Security Analyst SME protecting information assets by designing and maintaining security policies. Ensuring compliance with security standards in a tech services company focused on digital transformation.