Senior Information Security Analyst (Compliance & Risk Management)

At Kinaxis, who we are is grounded in our common belief that people matter. Each one of us plays an important part in accomplishing our work, building our culture and making a global impact.

Every day, we’re empowered to work together to help our customers make fast, confident planning decisions. This is how we create a better planet – for each other, for our customers and for generations to come. Our cloud-based platform RapidResponse ensures that the products we need – everything from medicine and cars, to day-to-day items like toothpaste – make it to market and into our hands when we need them with minimal ecological footprint.

We make the world better, and you can too.

Senior Information Security Analyst
(Compliance & Risk Management)

Job location: Canada

About the role

The Senior Information Security Analyst (Compliance & Risk Management) provides day-to-day guidance and mentoring to all Kinaxis teams and is part of the Security, Risk & Compliance organization. This role will also have direct involvement in the creation and maintenance of Company-wide information security strategies, processes, policies and other related initiatives. 

You will work closely with the cross functional teams within Kinaxis such as Corporate IT, Cloud Services, Product, Human Resources, Legal, etc. and technology partners to ensure adequate security from the initiation stage through ongoing operations.

This role will report directly to the Senior Director, Security, Risk & Compliance (SRC).  The Security, Risk & Compliance Team is responsible for all security and privacy related handling for both corporate systems and the RapidResponse® Software-as-a-Service offerings.

What you will do

• Serve as an expert advisor to senior management in the development, implementation and maintenance of a Company-wide information security and data protection strategy that ensures best practices control objectives are achieved for system integrity, availability, confidentiality, accountability and assurance within the context of the Company's risk tolerance, as set by senior management for both hosted and on-premise environments.
• Assist in aligning with global regulatory risk and compliance requirements
• Assist in performing relevant assessments and assist with developing information security strategies and related policies
• Identify, propose and support key information security program priorities, initiatives, plans, practices and tools
• Provide guidance and recommendations regarding the prioritization of investments and projects that mitigate risks, strengthen defenses and reduce vulnerabilities
• Implement and support approved information security projects and internal/external security audits
• Guide the design and development of the Kinaxis security and privacy assurance frameworks
• Assist during follow-ups on information security incidents, oversee development of response plans, and provide timely updates
• Understand potential and emerging information security threats and vulnerabilities and communicate this information to appropriate team members throughout the Company on a timely basis
• Participate in the Security Incident Response Process
• Assist with disaster recovery and business continuity planning and testing
• Provide assistance to Sales, Legal and Customer Support organizations in relation to customer inquiries, produce customer consumable information
• Assist with the Kinaxis security and privacy assurance training programs

What we are looking for

• Bachelor’s degree or equivalent combining Information Security, Information Management Systems, Compliance Management, Risk Management, or relevant work experience
• Minimum 5 years of experience in Information Security, Auditing, Documentation, Compliance Management, Risk Management, Training & Awareness or related areas and 2 years in a senior role
• Strong skills related to Information Security industry standards/best practices and relevant regulations (e.g., SSAE16-18, SOC 1/2, HIPAA, GLBA, NIST, C5, ISO2700x, CobiT, ISF, OWASP, SANS)
• Analytical, creative and detail oriented
• Very strong written and oral communication skills
• Candidates must be able to fulfill all security and confidentiality thresholds for this position

Things That Would Definitely Help

• CISSP

What we have to offer

• Challenging Work - We love solving highly complex problems. And as the global leaders in our industry, we never stop innovating—our work is never “done. That’s because across our teams and in all roles, every employee is empowered to bring their best ideas forward and to jump in and solve the problems they’re passionate about.
• Great People - We take our work seriously, but we don’t take ourselves too seriously! It’s in our DNA to celebrate, laugh, and have fun. We are stronger, together, when we are open, honest, and above all, real. Every person is valued here and plays an important role in our shared success.
• Global Impact - As a global team spanning continents, boundaries, and cultures, every day we are inspired by the impact our work has on our colleagues, our customers, our communities, and the world at large.
• Diversity, Equity and Inclusion - Diversity, equity and inclusion are more than words to us. They are the guiding principles for building a culture where we celebrate each others’ differences, continuously strive for equality and recognize that inclusion makes us stronger as individuals, a company and a global citizen. 

For more information, visit the Kinaxis web site at www.kinaxis.com or the company’s blog at http://blog.kinaxis.com/.

Kinaxis strongly encourages diverse candidates to apply to our welcoming community. We strive to make our website and application process accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact Human Resources at accommodations@kinaxis.com. This contact information is for accessibility requests only and cannot be used to inquire about the status of applications.