Information Security Analyst

Reporting to the Director of Information Security, you will execute activities around our current program, analyze existing practices, issue recommendations, and promote best practices. You will work closely with business units and clients to ensure core ISMS and regulatory requirements are met. Responsibilities include developing and delivering security awareness training, overseeing cybersecurity awareness programs, and managing security awareness and training roadmaps. You will engage with technology vendors to improve security posture, support the development of security policies, and collaborate with the CISO and IT to understand business impacts on security. Additionally, you will manage risks, develop solutions for automating security practices, respond to client security questionnaires, ensure compliance with ISO 27001 and other regulations, conduct risk assessments, and communicate security recommendations effectively.

Must Haves:

• Certified in Information Security (CISSP, CISM, CISA, etc.).
• University degree in computer science, information security, information technology or in a related field of study, or an equivalent combination of studies and experience.
• 5+ years in security awareness, risk management, and compliance (with at least 3 in audit/governance).
• Strong communication skills to translate security concerns into business-friendly solutions
• Must be fluent in French.

Plusses:

• Experience in a professional services firm is an asset