Information Security Compliance Analyst
At Kinaxis, who we are is grounded in our common belief that people matter. Each one of us plays an important part in accomplishing our work, building our culture and making a global impact.
Every day, we’re empowered to work together to help our customers make fast, confident planning decisions. This is how we create a better planet – for each other, for our customers and for generations to come. Our cloud-based platform RapidResponse ensures that the products we need – everything from medicine and cars, to day-to-day items like toothpaste – make it to market and into our hands when we need them with minimal ecological footprint.
We make the world better, and you can too.Information Security Compliance Analyst
The Information Security Compliance Analyst reports to the Information Security Compliance Lead and is part of the Kinaxis Security, Risk & Compliance Team. The Security, Risk and Compliance team is responsible for security, risk, and compliance for Kinaxis corporate and Kinaxis Software-as-a-Service offerings.
The Information Security Compliance Analyst assists the Information Security Compliance Lead in its role to provide objective assurance to senior management on the effectiveness of Kinaxis activities by ensuring key business and information security risks are being managed appropriately and that internal security controls are operating effectively. This includes the evaluation of existing internal security controls, the application of risk reduction strategies and other security-related governance activities. This role will also have direct involvement in the creation and maintenance of company-wide security policies and procedures to meet business objectives.
The Information Security Compliance Analysts works closely with cross functional teams within Kinaxis such as Cloud Services, Product Development, Corporate IT and various partners to bring a systematic, disciplined approach to evaluate and improve the effectiveness of information security risk management, control, and governance.
What You’ll Do
- Developing information security process design recommendations, system design enhancement recommendations, and/or opportunities for employee training and development to ensure operational alignment with the corporate risk profile;
- Coordinating regular control reviews in collaboration with control owners;
- Advising various stakeholders to ensure controls validity and goal achievement;
- Implementing new and/or revised policies, procedures and standards related to controls;
- Regular assurance walkthroughs, test relevant controls and ensure that supporting evidence is prepared and available for audit review;
- Advising senior management and staff on how to comply with Kinaxis’ policies and procedures, control principles, and relevant best practices;
- Evaluating all Kinaxis business units’ risks and controls postures.
- The development of strategies through key risk assessments at the processes and functions levels.
- Monitoring and reporting compliance on internal policies and processes via regular scorecard reports;
- Completing regular reviews of external vendors
- Supporting and coordinating with external auditors in the course of relevant security audits, certifications, attestations, etc;
- Conducting special investigations or research, as required;
- Managing the Kinaxis change management processes;
- Reporting to senior management of risks related to audit controls. .
Things You Should Have
- College degree or equivalent in Information Security, Compliance, Information Management Systems, Auditing methodology, Cyber Security or relevant work experience
- Minimum 6 months of relevant experience
- Familiarity with Information Security industry standards/best practices and relevant regulations (e.g., SSAE16, SOC 1, SOC 2, HIPAA, GLBA, FISMA, NIST, ISO2700X, CobiT, ISF, OWASP, SANS, etc)
- Analytical and investigative skills
- Strong written and oral communication skills
Things That Would Definitely Help
- CISSP, CISA, CIA
What we have to offer
- Challenging Work - We love solving highly complex problems. And as the global leaders in our industry, we never stop innovating—our work is never “done. That’s because across our teams and in all roles, every employee is empowered to bring their best ideas forward and to jump in and solve the problems they’re passionate about.
- Great People - We take our work seriously, but we don’t take ourselves too seriously! It’s in our DNA to celebrate, laugh, and have fun. We are stronger, together, when we are open, honest, and above all, real. Every person is valued here and plays an important role in our shared success.
- Global Impact - As a global team spanning continents, boundaries, and cultures, every day we are inspired by the impact our work has on our colleagues, our customers, our communities, and the world at large.
- Diversity, Equity and Inclusion - Diversity, equity and inclusion are more than words to us. They are the guiding principles for building a culture where we celebrate each others’ differences, continuously strive for equality and recognize that inclusion makes us stronger as individuals, a company and a global citizen.
Kinaxis invites candidates to apply to its welcoming community. Accommodations are available upon request for applications in all aspects of the recruitment process. If you require accommodation, please contact Human Resources at email@example.com.