Share this Job

Security Business Analyst

Date: 02-Jul-2019

Location: Mississauga, ON, CA

Company: Purolator

Opportunities delivered
Looking for an opportunity to learn and grow within Purolator? Here is another exciting opportunity for you to help us deliver on our customers’ promises 


Job Description

As an IT Business Security Analyst, you will support the Security team to develop and maintain Policies, procedures and programs.


You are a critical thinker and have focus to be able to understand problems and identify user needs. With the ability to clearly define, you will work with business, service providers and IT to define, build and maintain the IT Information Security Program. This entails your relationship building skills, analytical views, and detail oriented approach to work on Access Management, IT Risk Management and Business Services for Purolator. As you see business and technology intersect, you will participate in technical discussions, but can easily explain technical needs in non-technical language. This fuels knowledge distribution to the whole company and posture of the IT Information Security Program.


Information Security:

  • Support the IS program and other plans developed by the Business or as applicable.
  • Have working knowledge related to Governance, Controls, Development and Monitoring.
  • Influence the Data Governance program by giving guidance related to access, usage, storage, and sharing of all data including existing and emerging data (e.g. digital, unstructured).
  • Working knowledge related to Operations and Technology risks.
  • Learn the current Security Support model provided by Service Provider.
  • Support digital transformation related to customer experience and needs.
  • Identify key risks to applications and understand business risk tolerance in order to identify solutions and provide guidance.
  • Reports IS issues/risks to the Business as applicable with appropriate documentation and supports the response to security events.
  • Work with the Business to develop processes and procedures to ensure information security policies and standards are integrated.
  • Manage the Risk Assessment process to include asset inventory, system criticality, data classification, threat analysis and action plans.
  • Provide guidance preparing for audits, support the resolution of audit findings and ensuring closure.
  • Build and support security solutions according to Security Policy established.
  • Review Vendor Security Questionnaires and/or Security enquires from business to ensure consistency along with support in building knowledge library for Business education.


Awareness & Training:

  • Maintain and facilitates awareness and training programs as needed based on issue/risk trends.
  • Promote awareness of current policies and standards, as well as revisions and developments; provide consistent interpretation of policy to business unit.


Relationship Management:

  • Build relationship and engage frequently with the Business and IT leads.
  • Help drive best practices between organizations and departments
  • Fortify a relationship with Service Provider to further support the IS Program



  • Bachelor’s Degree
  • Information Security Certification (i.e. CISSP, CISM, CISA or CIPP)
  • Project management experience as asset
  • 2+ years of Information Security experience
  • 3-5 years’ Experience in IT Systems Administration
  • 2-5 years’ Experience with IT Network Principles and Protocols including TCP/IP and IP Schema design
  • Experience with interpretation and application of IS
  • Experience with Third Party Information Security requirements
  • Strong strategic thinking, risk analysis and problem solving skills
  • Knowledge of business, regulatory and compliance requirements
  • Excellent analytical, problem-solving and creative-thinking skills.
  • Must have the ability to look horizontally across the company in addition to supporting the individual (vertical) business areas.
  • Understanding of the IS risks that are inherent to the Business and access to technical security resources as necessary
  • Ability to manage and prioritize responsibilities through the effective use of time management and organizational techniques.
  • Must have strong planning and organizing skills and the ability to work well with seasoned and inexperienced team members. Must be flexible and be able to lead and/or manage several projects simultaneously
  • Ability to interact and communicate both written and verbally with the Business and technology representatives
  • Build a relationship with Third Party support (of the Shared Service Model) and influence change
  • Ability to create metrics, presentations and other documents as needed
  • Knowledge of Privacy and Payment Card Industry (PCI)





Location:                    530 - Corporate  
Working Conditions: Office Environment 

Reports to:                  Director IT Ops and Governance

Purolator is an equal opportunity employer committed to diversity and inclusion. We consider all qualified applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, Aboriginal/Indigenous status or any other factors considered discriminatory. If you require an accommodation during the recruitment process, we will work with you to meet your needs.

We recognize that our employees and their families are key stakeholders. We will only be successful as a business if we provide our employees with a safe and healthy workplace and we have the right people in the right roles with the support they need to succeed. We hire for attitude and train for skills.  To learn more about us and our values, go to

At Purolator, every day is an opportunity for our employees to connect with one another and with our customers to help make a positive impact in the communities where we live, work and play.

Job Segment: Business Analyst, Risk Management, Relationship Manager, Project Manager, Finance, Technology, Customer Service