View all jobs

Senior Security Analyst – Identity and Access Management

GTA, Ontario · Information Technology
The Senior Security Analyst – Identity and Access Management, a part of the Information Security team, is primarily responsible for administration and maintenance of the CyberArk platform and the privileged access process. The Analyst will perform Information Security operational and project related tasks as well.

He/she will be responsible for administrating, maintaining, monitoring, and upgrading the CyberArk infrastructure, and helping to improve the implementation of Security systems, processes, and procedures. In addition, the incumbent will respond, investigate, contain, remediate, and report on security incidents.

The role requires an in-depth understanding of CyberArk, Information Security practices and the privilege access review processes.


The Senior Security Analyst will need to interact with all business service lines, bridging the gap between technology and business objectives.
Responsibilities include but not limited to:
  • On-going support and maintenance of the CyberArk infrastructure, upgrades, deployment, and integration of new modules/products/features
  • Implementation of System enhancements and new features and functionality
  • Engage with business contacts and ITS Services to identify sensitive accounts and systems which require on-boarding/off-boarding, monitoring, and alerting
  • Configure and maintain automated processes such as local password rotation and service account management
  • Perform assessments of current & new security technology and authentication systems, evaluate against the Security Policies, and other relevant regulations/best practice controls pertaining to the protection of corporate information assets with respect to security and privacy
  • Enhance the identity and access management (IAM) program; design, build and support solutions, conduct routine reviews/audits, lead core transformation projects, ensure new & existing systems comply with IAM, RBAC & PAM frameworks and policies
  • Develop and maintain standard operating procedures, frameworks (ex. Privilege Access Review), and processes
  • Interpret and summarize technical information for presentation to non-technical business contacts
  • Generate ad-hoc/monthly/quarterly reports and create dashboards for leadership
  • Privilege access management and reviews
  • Respond to security incidents; investigate, contain, remediate and report
  • Assist with operational tickets, project activities and ad-hoc requests
  • Allocation;70% CyberArk, 30% operational & project work

Position may require on-call and after-hours work, as needed to support the business needs

  • 3+ years in systems security with certification, maintenance and use of security products in a distributed enterprise environment.
  • 2+ years’ strong working experience with CyberArk core applications
  • Experience and detailed knowledge in the following areas:
    • Privilege Access Management (PAM)
    • Privileged Identity Management (PIM)
    • Secrets Management (AAM)
    • Privileged Session Manager (PSM)
    • Identity and Access Management (IAM)
    • CyberArk Discovery and Audit (DNA) Tool
    • Central Policy Manager (CPM), Central Policy Manager (CPM)
    • Vault Administration
    • Disaster Recovery
  • Exposure to an EDR solution such as Carbon Black or Defender ATP
  • Experience with Windows and Linux operating systems
  • Experience with complex multi-site LAN/WAN environments
  • Experience with network applications, such as Firewall Security and Virtual Private Networking
  • Knowledge in SDWAN & Cisco technologies
  • Knowledge of Microsoft Azure and AWS
  • Understanding of frameworks such as NIST, ISO, and/or CIS
  • CSIRT, CIRT, CERT preferred
  • CISSP, CISA, CISM or other similar Security certification is an asset
Powered by