Analyst, Security IT-GIS-p&Sec a

Job Summary

The IT Security Analyst works to protect Apotex information and systems from external and internal threats. The IT Security Analyst works with GIS staff to ensure Apotex information and information systems are secure by verifying the Security Architecture and Program are adhered to and evaluated through the use of security tools, assessments, audits and policy.

Job Responsibilities

• Assists in identifying risks discovered as a result of security or privacy assessments or from technical solution implementations, and works towards its management;
• Participates in security event assessments and security incident handling, including assessment of technical security events, policy infringements, and regulatory breaches involving GIS;
• Performs initial reviews of architectural designs and ensure they comply with the overall Security Architecture;
• Performs audits against the security programs of Apotex and Apotex partners and report on any gaps that need to be addressed.
• As part of an Information Secrity Incident team, assists to coordinate efforts between network and systems administrators to work towards containment and recovery during security incidents or outbreaks;
• Assists in working with external auditors, as required, and acts as the primary liason;
• Provides recommendations and advice to GIS staff on all matters related to security;
• Contributes to the development and maintenance of the overall Security Architecture;
• Works with network and systems administrators in all GIS departments to ensure Apotex information and information systems are secure;
• Keeps current with emerging security alerts and issues and understand which issues can and should be addressed;
• Contributes to an information security culture by participating in the development and delivery of communications and/or training on the safe and appropriate use of Apotex information systems outlined in Apotex security policies;
• Develops and maintains effective relationships with counterparts in the industry as part of research into emerging security technologies and "best practices;"
• Keeps self at the "leading edge" of IT security through regular professional development activities;
• Serves in a professional practitioner role in particular area of expertise and work with management to determine the tactical implementation of strategic requirements of the organization;
• Participates in IT and business discussions promoting the benefits and requirements of secure computing solutions;
• Contributes to overall departmental effectiveness by providing detailed, accurate information and recommendations to management based on security audit findings or status reports;
• Identifies training opportunities, areas for improvement and any audit program enhancements;
• Works in a safe manner collaborating as a team member to achieve all outcomes.
• Demonstrate Behaviours that exhibit our organizational Values: Collaboration, Courage, Perseverance, and Passion.
• Ensure personal adherence with all compliance programs including the Global Business Ethics and Compliance Program, Global Quality policies and procedures, Safety and Environment policies, and HR policies.
• All other relevant duties as assigned.

Job Requirements

• Education

• University graduate in computer science or a related field; or Post-Secondary education in Computer Science or related field and equivalent work experience;

• Knowledge, Skills and Abilities
  • CISSP or a related IT Security or Privacy designation is an asset;
  • Good knowledge and experience with networking, server and endpoint technologies;
  • Good knowledge of IT security strategies and solutions;
  • Strong organizational skills; ability to work independently and manage priorities;
  • Excellent oral and written English communication skills;
  • Ability to manage multiple tasks and projects simultaneously;
  • Excellent interpersonal skills and ability to relate well to internal and external customers;
• Experience

• 5 plus years of experience in the Pharmaceutical/Process Industry, Consumer Packaged Goods, Information Systems, Project Management and/or Management Consulting Environment;