Data Security Analyst

At CWB, we strive to build value for the people who choose us every day: our people, our clients and our investors. We do this by:Putting people first and building relationships with intentionSeeking out and embracing new ideasBelieving that how we do things is as important as what we doData Security AnalystRole SpecificationsEveryday flexibility. Hybrid work environments. Collaborative connection.CWB CorporatePut a new spin on your banking careerThe overwhelming majority of our employees say CWB is a Great Place to Work®We’re different from the big banks in the way we engage our employees - caring, responsive, and armed with an obsession for growing talent. Our reputation is powered by a people first culture that ensures our employees be and feel heard, promotes inclusivity and diverse viewpoints, and inspires collaboration and innovation.Our employees love CWB. You’ll love it here too.The opportunityCWB data is an important asset. Taking into consideration the rise of global cyber security incidents and its direct impact to branding and reputation, CWB Financial Group is committed to developing and implementing policies, processes, and technologies to manage data security proactively and effectively for our business, our clients, and our employees.The Data Security analyst is a member of the Data Protection team, within CWB’s Information Security Office (ISO) and will be responsible for the implementation and day-to-day operations of modern-day, industry-leading data security and data loss prevention technologies.Specific AccountabilitiesAccountability #1 - Data ProtectionApply risk management and treatment methodologies to balance the needs of CWB Financial Group while ensuring that data usage behaviours are changed to mitigate identified risks.Assist with day-to-day activities of the Data Protection team, as they relate to ongoing data discovery, Cloud Access Security, Information Rights Management, and Enterprise’ storage strategies.Maintain solutions to secure and control email, documents, and sensitive data by applying the principal of least privilege.Support Business Units by ensuring business-to-security alignment.Identify opportunities from the perspectives of people, processes, and technology while ensuring the highest level of confidentiality, integrity, and availability of information assets.Participate in educating the company and its employees about data protection and privacy best practices.Execute procedures, perform detailed data analysis, root cause analysis, document results, suggest improvements for operational efficiencies, identify opportunities to reduce risk and document remediation options regarding acceptance or mitigation of risk scenarios relevant to data protection.Contribute to the development and execution of Incident Response (IR) plans and playbooks, as needed.Accountability #2 - Data Loss PreventionAssist in the enhancement and development of operational procedures to leverage cloud-based technologies for the purpose of ongoing monitoring and continuous protection of data.Recommend and facilitate the implementation of technical controls to support and enforce defined security policies.Aid with Security Incidents and Investigations.Collaborate closely with the Identity & Access Management team to ensure access to data is provisioned to our centralized identities, on a need-to-know basis.Assist in implementing data retention schedules based on classification and ensuring the use of automatically applying retention label policies.Skills and competencies that will take you furtherEducationPost secondary diploma in the field of Computing Science, Information Systems Security, or equivalent experienceRequired: CompTIA Security+, (ISC)2 Entry-Level Cybersecurity Certification, System Security Certified Practitioner (SSCP) or commitment to obtain within the first two years of employmentProfessional ExperienceInformation Technology Experience: A minimum of 5 years of experience in Information Technology with at least two (2) of those years in an Information Security domain.Data Protection and Governance: At least 2 years of experience in administering data protection controls, data governance, regulatory requirements, PII and privacy protection, data risk assessment and data loss prevention policies.Data Asset Management: Actively contribution to defining data asset, including discovery and inventory, data flows, data lineage, infrastructure mapping, data stewardship and classification.Microsoft 365 Experience: Prior experience in Microsoft 365’s Purview Information Protection would be beneficial.Data Lifecycle Management: Participation in end-to-end Data lifecycle management.Encryption and Anonymization: Solid understanding of encryption and anonymization, masking methods, hashing, tokenization, and key management (DKE, PGP, PKI, CKM, BYOK etc.).Prior experience working with Data Governance Platforms or Data Trust products for discovering, managing, and protecting structured data would be beneficial.Applicable understanding of data encryption capabilities (i.e., field level encryption, file level encryption).Scripting and automation skills: Proficiency in scripting and automation.IT Infrastructure Knowledge: Strong knowledge of technical infrastructure, public cloud, network, databases, and systems. Experience with cloud computing, enterprise Microsoft 365, Windows and/or Linux technology infrastructure, access security, data protection security, and information systems auditing.Data Classification: Understanding of data classification strategies to ensure sensitive data is appropriately protected.Information Security Frameworks: Strong familiarity with information security frameworks and standards including OSFI B-13 Technology and Cyber Risk Management, the NIST Cyber Security Framework, ISO 27000 series, NIST SP 800-53 Security and Privacy Controls for Information Systems and Organizations (Rev. 4 or 5).Experience in implementing security measures to protect data while it’s being transferred between systems using secure protocols (like HTTPS, SFTP), encryption technologies, and secure network architectures.Experience in identifying, preventing, and mitigating threats originating from within the organization using user behavior analytics, access controls, and incident response strategies.Centralized Certificate and Key Management: Experience in centralizing the management of all cryptographic keys and certificates within the organization - managing the lifecycle of keys and certificates and ensuring compliance with relevant standards and regulations.Experience in implementing and managing DLP solutions at the endpoint level to prevent data leaks - involve setting up DLP policies, monitoring data transfers, and responding to potential data leak incidents.Familiarity with the Information Technology Infrastructure Library (ITIL) IT service management frameworkDesirable: Experience with the financial services industry is an asset.Experience in defining metrics, KPIs, implementing cybersecurity dashboards.Personal CompetenciesExceptional written, verbal, listening, and interpersonal skills.Ability to use critical judgement to make decisions and solve problems involving various levels of complexity, ambiguity, and risk.Good analytical skills and strong attention to detail, identify potential threats and develop strategies to address them.High level of precision to ensure the integrity of data and to detect subtle anomalies.High ethical standards to handle sensitive information responsibly.Firm commitment to staying informed and abreast of emerging issues, industry trends etc.Sound to advanced knowledge of business, technology controls, IT security, IT risks and best practices in data security.Proficient in identifying and evaluating potential risks to data security.Demonstrated ability to participate in projects of moderate to high complexity.Skilled at staying abreast of evolving technologies and security threats.Committed to serving as an expert in business-specific, cross-functional, and enterprise initiatives.Able to work effectively within collaborative team environments.Capable of working independently and autonomously.Skilled at managing multiple projects simultaneously and consistently meeting deadlines.Proficient in conveying intricate technical concepts using both technical terminology and user-friendly language. Able to bridge the gap between technical details and non-technical stakeholders by emphasizing relevance and impact.Skilled at creating and customizing concise reports for senior managers and various business unitsWhy work with us?Your success is our obsession! And our award-winning culture & benefits back it up.Proudly recognized by Great Place to Work® in 2023 as one of Canada’s top 50 Best Workplaces & recipient of Waterston Human Capital’s Most Admired Corporate Culture 2023. Wellness matters. We offer an award-winning benefits package that includes:Hybrid work environmentsEveryday flexibilityGenerous company-funded health coverageHealth care spending accountA flexible wellness programgenerous time-away options to unplug, rest & recoverCareer development. We commit to our employees’ development and help them reach their professional goals with:Organization wide coaching servicesMentorshipEducation support & training programsBring your whole self to work. Inclusion is a journey requiring practice & experience to result in a powerful outcome. Your perspective matters & voice will be heard. Find community within the CWB family in our employee represented groups.#LI-EH1IND-EHAs an equitable employer, CWB Financial Group is committed to providing a safe and inclusive environment where a diverse workforce thrives. You are welcomed and encouraged to bring your whole self to work. Dignity, respect and equality are non-negotiables. If you require accommodation during any part of the recruitment or selection process, please reach out.Closing Date:* Position closes at 12:01am on the close date identified below.05/20/2024