IT Security Auditor

Location: Vancouver, British Columbia, Canada
Date Posted: 08-28-2017

Our client is a leading athletic apparel company founded in 1998 in Vancouver, Canada. They started as a single-store community hub with a focus on health, success, and pushing the boundaries. Today, they are a multinational, publicly traded company with over 2,800 employees and 350 stores across North America, Europe, and Asia. They believe their employees are the center of their sustainable business and that the right team will elevate the world from mediocrity to greatness.

IT Security Auditor
Vancouver, BC, Canada

This role will support the global information security and compliance practice in monitoring compliance with key IT system access controls. The information security and compliance team is a business enabler that understands the technical risks of the IT environment, translates that into tangible business risk, and arrives at a happy medium that allows the company to propel forward whilst remaining secure.

What you'll be doing: 
  • initiate and coordinate periodic attestation / recertification campaigns for user access to a multitude of key corporate IT systems
  • monitor for instances of non-compliance with key system access controls, such as access granted without proper approval, inappropriate access to sensitive system functions, lack of timely access revocation post termination, etc.
  • conduct root cause analysis over non-compliance instances as described above, and work closely with the related IT or business function to develop remediation actions
  • escalate incidents to the IT Compliance Manager, or other appropriate resource, as necessary
  • perform or assist with other compliance or security audits as necessary, and report on audit results to the IT Compliance Manager, as well as other stakeholders
  • undergo ongoing training and certification to maintain technical skills at the highest level
  • provide after-hours support as needed or an on-call basis

What you bring: 
  • a college diploma in information security or computer technical support, or equivalent education and/or training and holds or be working towards a relevant certification, including widely recognized security or audit certifications such as SANS GIAC, CISSP, CISA or CISM, or more
  • specific certifications such as the Certified Identity and Access Manager (CIAM) certification
  • previous experience in a similar systems auditor role, or an access administrator role
  • experience working with or administering identity and access management systems, such as Sailpoint IdentityIQ, Oracle Identity Management, Okta, NetIQ, etc.
  • experience with incident management, change management and service request processes which utilize an internal ticketing system
  • working knowledge of security incident and event management systems
  • previous experience in maintaining and troubleshooting day-to- day operational processes, such as report generation, data verification and data correlation
  • experience working in an eCommerce environment, with exposure to mobile application platforms
  • prior experience working in a highly-regulated environment would be an asset
  • should be familiar with TCP/IP concepts, such as IP addressing schema, SMTP, HTTP, HTTPS, FTP, DNS, etc.
  • understanding of and exposure to security tools such as firewalls, IDS/IPS, A/V, anti-spam, content management, server and network device hardening, etc. is a strong plus.
  • ability to run tools such as nslookup, netstat, nmap, etc. is a strong plus
  • ability to review and accurately interpret network logs is a strong plus

Sound like you and peaked your interest? Great! Apply today!
this job portal is powered by CATS