Senior Information Security Analyst

At Kinaxis, who we are is grounded in our common belief that people matter. Each one of us plays an important part in accomplishing our work, building our culture and making a global impact.

Every day, we’re empowered to work together to help our customers make fast, confident planning decisions. This is how we create a better planet – for each other, for our customers and for generations to come. Our cloud-based platform RapidResponse ensures that the products we need – everything from medicine and cars, to day-to-day items like toothpaste – make it to market and into our hands when we need them with minimal ecological footprint.

We make the world better, and you can too.

Job location: Canada

About the role

The Senior Information Security Analyst provides day to day guidance and mentoring to a team of Information Security Analysts.  This role will also have direct involvement in the creation and maintenance of Company-wide information security strategies. 

You will work closely with the cross functional teams within Kinaxis such as Corporate IT, Cloud Services, Product, Human Resources, Legal, etc. and technology partners to ensure adequate security from the initiation stage through ongoing operations.

This role will report directly to the Senior Director, Security, Risk & Compliance (SRC).  The Security, Risk & Compliance team is responsible for all security and privacy related handling for both corporate systems and the RapidResponse® Software-as-a-Service offerings.

What you will do

• Serve as an expert advisor to senior management in the development, implementation and maintenance of a Company-wide information security and data protection infrastructure that ensures best practice control objectives are achieved for system integrity, availability, confidentiality, accountability and assurance within the context of the Company's risk tolerance as set by senior management for both hosted and on premise environments
• Assist in aligning with global regulatory risk and compliance requirements
• Be responsible for and perform Risk & Security assessments and assist with developing information security strategies and appropriate policies
• Identify, propose and support key information security program priorities, initiatives, plans, practices and tools
• Provide guidance  and recommendations regarding the prioritization of investments and projects that mitigate risks, strengthen defenses and reduce vulnerabilities
• Implement and support approved information security projects and internal/external security audits
• Guide the design and development of the Kinaxis security framework
• Act as the primary Company control point during follow-up on significant information security incidents, oversee development of response plans, and provide timely update reporting
• Understand potential and emerging information security threats, and vulnerabilities and communicate this information to appropriate team members throughout the Company on a timely basis
• Participate in the Security Incident Response Process
• Assist with disaster recovery and business continuity planning
• Provide assistance to Sales and Support in relation to customer inquiries, additionally producing customer consumable information specifically to assist with their understanding of how the Kinaxis services are secure and evolving to address the latest threats and vulnerabilities affecting its Software-as-a-Service offerings

What we are looking for

• Bachelor’s degree in Information Security, Computer Science, Information Management Systems, or relevant work experience
• Minimum 5 years of experience in Information Security, Auditing, Documentation, Training & Awareness or related areas and 2 years in a senior role coaching and mentoring others
• Strong technical skills relevant to Information Security such as secure coding standards, ethical hacking techniques, security operations, cloud security architecture, SIEM, operating system security, vulnerability, and threat management
• Strong knowledge and deep understanding of complex network security principles / network concepts such as (gateway, http proxy, vlans, dmz, VPN, firewalls, etc)
• Strong knowledge and skill across operating systems such as (Windows, Linux, VMWare)
• Experience with authorization and authentication technologies such as SAML, OAuth, and OpenID
• Familiarity with Information Security industry standards/best practices and relevant regulations (e.g., SSAE16, SOC 2, PCI-DSS, HIPAA, GLBA, FISMA, NIST, ISO2700x, CobiT, ISF, OWASP, SANS)
• Analytical, creative and detail oriented
• Strong written and oral communication skills
• Ability to work on-call as required
• Candidates must be able to fulfill all security and confidentiality thresholds for this position

Things That Would Definitely Help

• CISSP, CCNA Security, Comptia Security +, CISM, or GIAC certifications

What we have to offer

• Challenging Work - We love solving highly complex problems. And as the global leaders in our industry, we never stop innovating—our work is never “done. That’s because across our teams and in all roles, every employee is empowered to bring their best ideas forward and to jump in and solve the problems they’re passionate about.
• Great People - We take our work seriously, but we don’t take ourselves too seriously! It’s in our DNA to celebrate, laugh, and have fun. We are stronger, together, when we are open, honest, and above all, real. Every person is valued here and plays an important role in our shared success.
• Global Impact - As a global team spanning continents, boundaries, and cultures, every day we are inspired by the impact our work has on our colleagues, our customers, our communities, and the world at large.
• Diversity, Equity and Inclusion - Diversity, equity and inclusion are more than words to us. They are the guiding principles for building a culture where we celebrate each others’ differences, continuously strive for equality and recognize that inclusion makes us stronger as individuals, a company and a global citizen. 

For more information, visit the Kinaxis web site at www.kinaxis.com or the company’s blog at http://blog.kinaxis.com/.

Kinaxis strongly encourages diverse candidates to apply to our welcoming community. Accommodations are available upon request for applications in all aspects of the recruitment process. If you require accommodation, please contact Human Resources at accommodation@kinaxis.com.