Security Strategy & Compliance Analyst

About Kinaxis  

Kinaxis is the global leader in modern supply chain management. We serve supply chains and the people who manage them in service of humanity. Our software is trusted by renowned global brands to provide the agility and predictability needed to navigate today’s volatility and disruption. We combine our patented concurrency technique with a human-centered approach to AI to empower businesses of all sizes to orchestrate their end-to-end supply chain network, from multi-year strategic planning through down-to-the-second execution and last-mile delivery. For more news and information, please visit kinaxis.com or follow us on LinkedIn. 

Security Strategy & Compliance Analyst

Job location: Ottawa-Hybrid; all other Canadian locations-Remote

About The Role

The Security Strategy & Compliance Analyst, as a proficient-level professional with well-defined experiences, provides day to day support to the Kinaxis Security Team.

The incumbent supports the creation and maintenance of company-wide information security strategies and policies, and internal and external compliance verifications, and supports Senior employees within the Security Strategy & Compliance team on the completion of initiatives and objectives related to the overall business strategy

What you will do

• Provide assistance to stakeholders regarding customer inquiries related to security, including producing information that is consumable to customers on how business offerings and services are designed and evolving to address the latest security risks.
• Support senior employees within Security Strategy & Compliance in performing internal and external information security compliance verifications, and deploying and enforcing information security program priorities, initiatives, plans, practices, and tools.
• Draft, update, and manage information security documentation using corporate templates, adhering to best practices within the security domain.
• Share insight and provide recommendations to senior employees within Security Strategy & Compliance regarding prioritization of investments and projects that mitigate risks, strengthen defenses, and reduce vulnerabilities related to security compliance.
• Research and be aware of potential and emerging threats and vulnerabilities in the security space, communicating relevant information to appropriate team members and stakeholders in a timely manner.
• Assist with strategic initiatives including disaster recovery planning and testing, and the design, development and implementation of organizational security frameworks such as ISO 27001.

What we are looking for

• Bachelor’s degree in Information Security, Computer Science, Information Management Systems, or related field.
• 3-5 years of experience in hosted services security (Private/Public Cloud), high-tech, global environment preferred.
• One or more of CISSP, CCSP, CCNA Security, Comptia Security +, CISM, or GIAC certifications is an asset.
• ISO 27001 Lead Implementor or ISO 27001 Lead Auditor certification is considered an asset,
• Analytical, system, and design thinking skills with an inventive approach to work through deep, ambiguous, and progressively complex problems.
• Highly adaptable and able to pivot based on prioritization and needs of the business; proactively solicits feedback to ensure alignment.
• Agile and resilient in managing multiple projects with multiple sources of information.
• A clear, concise, and professional communicator with the ability to present information and demonstrate knowledge to stakeholders at varying levels within the business.
• Advantageous skills and experience include: 
  • High familiarity with Information Security industry standards and best practices and relevant frameworks (SOC 1, SOC 2, BSI-C5:2020, NIST, ISO 270XX Family of Standards, etc.).
  • Solid understanding of security principles and the cybersecurity threat landscape.
  • Ability to translate technical details to a non-technical audience and produce customer-consumable information.
  • Good understanding of industry recognized Cybersecurity frameworks.
  • Knowledge of and experience working in cloud platforms (Security features), Microsoft Azure, AWS, and Google are assets.

What we have to offer

• Challenging Work - We love solving highly complex problems. And as the global leaders in our industry, we never stop innovating—our work is never “done. That’s because across our teams and in all roles, every employee is empowered to bring their best ideas forward and to jump in and solve the problems they’re passionate about.
• Great People - We take our work seriously, but we don’t take ourselves too seriously! It’s in our DNA to celebrate, laugh, and have fun. We are stronger, together, when we are open, honest, and above all, real. Every person is valued here and plays an important role in our shared success.
• Global Impact - As a global team spanning continents, boundaries, and cultures, every day we are inspired by the impact our work has on our colleagues, our customers, our communities, and the world at large.
• Diversity, Equity and Inclusion - Diversity, equity and inclusion are more than words to us. They are the guiding principles for building a culture where we celebrate each others’ differences, continuously strive for equality and recognize that inclusion makes us stronger as individuals, a company and a global citizen. 

For more information, visit the Kinaxis web site at www.kinaxis.com or the company’s blog at http://blog.kinaxis.com/.

Kinaxis strongly encourages diverse candidates to apply to our welcoming community. We strive to make our website and application process accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact us at recruitmentprograms@kinaxis.com. This contact information is for accessibility requests only and cannot be used to inquire about the status of applications.