Senior IT Security Analyst



Posting Date

January 12, 2021

Position type


At McCarthy Tétrault, we offer challenging and rewarding career opportunities and are delighted to have been selected as one of Canada’s Top 100 Employers 2021 for the ninth consecutive year. Our culture is built on professional excellence, collaboration, innovation, thought leadership and entrepreneurialism. We embrace inclusion in all its forms and we provide the tools and opportunities to help our people develop to their full potential.

As a Senior IT Security Analyst, you will be:

  • Overseeing the configuration, monitoring, logging, testing and assessment of various security and access control systems protecting the Firm’s information assets.
  • Working closely with managed security services, engaged third party service providers, external customers and supporting Information Security by preparing progress reports on metrics and trends, and projections for management reporting, as required.
  • Ensuring day to day IT operations are performed in accordance to security practices.
  • Conducting the investigation of security incidents under the direction of the Director, IT Security and in accordance to the IT Security management practices. This includes coordination of activities with IT and business teams in the Firm and external stakeholders.
  • Supporting IT and Business projects as the Security SME and conducting risk assessments, as well as leading Security projects as required. .
  • Contributing to the identification and evaluation of information security threats through internal audits and process reviews of existing security controls.
  • Participating in the periodic review of the firewall rule-set and regular reviews of identity access management.
  • Developing and executing penetration testing process, as well as follow up remediation activities.
  • Planning, testing and designing controls, and evaluating operational plans, requirements and designs from an information security perspective.
  • Consulting on site and facility design from an operational security perspective.
  • Ensuring IT Security documentation is developed and maintained, and that this knowledge is transferred among IT stakeholders
  • Maintaining awareness of current and emerging threats and staying abreast of current and developing technologies, risks, and security best practices.
  • Developing and coordinating the Department’s Security Awareness Training program.
  • Liaising with clients on external audit and compliance requests.

As our ideal candidate, you will have:

  • Undergraduate degree or equivalent in Information Technology or Information Security and a minimum of 5 years of relevant work experience in information security. Additional experience involving frequent customer facing responsibilities is an asset.
  • Completed post-secondary education or equivalent [RL1] in Information Technology or Information Security[RL2] is an asset.
  • Experience with ISO 27001/27002 and/or CIS Top 20 Critical Controls required.
  • Experience with information security risk assessment methodologies required.
  • CISSP or CISM certification required.
  • GCIH or GCFA certifications a strong asset, along with practical work experience in these domains.
  • Strong written and verbal communication skills; interpersonal and collaborative skills; and the ability to communicate security and risk-related concepts to technical and non-technical audiences.
  • A critical thinker with strong problem-solving skills.
  • Demonstrated knowledge of technological trends and developments in the area of information security and risk management, and the knack to quickly pick up and learn new concepts in the field.
  • High level of personal integrity, and the ability to professionally handle confidential matters and exude the appropriate level of judgment and maturity.
  • Strong organizational skills, with a high attention to detail.
  • Bilingualism (French, English) would be an asset.

How to apply:

We invite you to submit your application to [email protected].We thank all applicants for their interest in McCarthy Tétrault; however, only chosen applicants will be contacted. We regret that we are unable to respond to individual inquiries about application status. McCarthy Tétrault is an equal opportunity employer that fosters an inclusive, equitable, and accessible environment. Please notify us if you require accommodation at any time during the recruitment process.