Job Overview

Reporting to the Senior Manager, Infrastructure and Support, the Information Security Analyst will have responsibility for overall Information Security at RFA Bank of Canada, including internal/external networks, datacenters, end user devices and outsourced service providers. The Information Security Analyst will work with the TechOps team and RFA Bank of Canada partners to identify enhancements to our current security posture and respond to changes in the overall IT security industry including best practices and emerging threats.

Core Responsibilities

Day to Day Responsibilities

• Manage external vendors who contribute to the overall security posture of RFA Bank of Canada;

• Respond to emerging threats as required;

• Enhance and execute on activities required for the secure operation of the Bank’s infrastructure; including user access reviews; vulnerability scanning; penetration tests and patch management

• Provide expertise and recommendations in assessment of new partner IT Security practices;

• Consult and define requirements for elements of infrastructure related to IT Security at the Bank, including but not limited to Next Generation Firewalls, network design, IDS/IDP, malware and virus protection, and end-user devices

Medium and Long-Term Responsibilities

• Keep current on IT Security best practices and emerging trends through industry contacts, white; papers, and vendor reviews;

• Introduce new technologies and processes to enhance security and enable new business functionality;

Regulatory & Compliance

• OSFI cyber security self-assessment

• Vendor Information Security review, analysis and scoring

• Any issues and gaps will be addressed via the creation of a Risk Action Plan. The Risk Action Plan will be managed appropriately and tracked to completion.


• Maintain employee and customer confidentiality per the Employee Handbook in all instances.

Code of Conduct

• Adhere to the Code of Conduct in all instances.

Customer/Stakeholder Interaction

• As required; with management, projects and support teams, end users and vendors

Financial Responsibilities

• N/A


• Minimum 7-10 years’ experience in Information Security with a university degree (or equivalent) in Computer Science or Engineering;

• Experience in setting up and executing processes and policies relating to Information security, preferably at a financial institution;

• Deep understanding of IT security technologies, including firewalls, end-user devices and activities, network architecture and SIEM capabilities;

• Experience in OSFI guidelines and reporting;

Required Competencies

• Ability to work across all levels and departments in the execution of responsibilities;

• Comfort in presenting to senior management, influencing teams in a matrixed organization and dealing in both detailed and summary levels of engagement;

• Previous experience working in small to medium Financial Institution, particularly in mortgages or online retail bank environments;

• Working in a regulated environment with multiple oversight frameworks provided by different regulators;

• Strong work ethic and tendency to take initiative;

• Excellent interpersonal communication skills;

• Willingness to work in non-conventional hours;

• Task oriented, quick learner that can work independently but is a team player;

Working Conditions

• Office environment with regular working hours with overtime as approved;

• Perform other responsibilities and assist with special projects as required;

• 6 month contract;

Other details

  • Pay Type Salary

Apply Now

Job Overview

Sign in

Sign Up

Forgotten Password