Senior Information Security Analyst - ServiceNow (Toronto - Hybrid)

About the role

The Senior Information Security Analyst (ServiceNow) is responsible for developing, implementing, and supporting technology processes and change control that help protect the organization. This role provides subject matter expertise in ITSM with a focus on Change Management and delivery (Release Management), risk assessment and identification of control gaps to mitigate risk. The successful candidate contributes to projects of moderate to high complexity and delivers reporting, analysis, and assessments that support functional, business line, and enterprise-level objectives A key focus of the role is supporting and enhancing ServiceNow capabilities across multiple pillars, including day-to-day operational activities, process improvements, and product delivery

Responsibilities

• Provide expert consultation and advice to business and technology partners on technology controls, information security programs, policies, standards, and security incidents within the specialized area of responsibility
• Conduct project-level consulting on risk assessments, control design, control effectiveness, vulnerability assessments, and other relevant security matters
• Lead or contribute to risk and control design assessments across an application portfolio, documenting the business and enterprise impact of control gaps, including mitigation strategies and remediation plans
• Support the definition, development, and oversight of enterprise security management strategies and frameworks
• Help ensure that appropriate technology, governance, and processes are in place to monitor, detect, prevent, and respond to current and emerging security threats
• Collaborate proactively with stakeholders, service owners, and platform owners to integrate security requirements into enterprise architecture and address identified control gaps
• Provide consultation on regulatory compliance requirements, related reporting, and inquiries
• Participate in security incident response activities relevant to the business or enterprise and represent the function's position to stakeholders as needed
• Adhere to internal policies, procedures, technology control standards, and applicable regulatory guidelines - Contribute to the review of internal processes and identify opportunities to improve efficiency, effectiveness, and control outcomes
• Support and advise on enterprise frameworks and methodologies related to technology controls and information security activities
• Promote a strong risk management culture by influencing behaviors that reduce risk across the enterprise - Remain informed on emerging issues, industry trends, and regulatory changes, and assess their potential impact on the Bank
• Define, develop, implement, and manage standards, policies, procedures, and solutions that mitigate risk while maximizing security, service availability, and operational efficiency
• Build and maintain effective relationships across technology, business, and control functions to ensure alignment with enterprise and regulatory requirements
• Identify key issues, escalate them appropriately, and support remediation and risk treatment activities where required
• Contribute to business-specific, cross-functional, and enterprise initiatives as a subject matter expert, providing risk guidance and supporting complex reporting, analysis, and assessments ServiceNow Focus
• Perform extensive work within ServiceNow across multiple pillars and modules
• Support business-as-usual activities, including review and processing within Change Management, Incident Management, and Problem Management
• Contribute to ServiceNow process and module improvement initiatives
• Support ServiceNow product development and delivery activities
• Leverage knowledge of modules such as Change, Incident, Problem, TDAR, CMDB, and related reporting capabilities to support risk management, governance, and operational objectives Team and Leadership Expectations
• Continuously enhance knowledge and expertise in information security, risk, and ServiceNow capabilities
• Keep current on emerging trends, developments, and analytical tools relevant to the role
• Prioritize and manage workload effectively to deliver quality results within assigned timelines
• Support a positive work environment that promotes service, innovation, teamwork, and timely communication of issues and opportunities
• Identify and recommend opportunities to improve productivity, effectiveness, and operational efficiency
• Establish effective relationships across business and technology teams, program managers, and project managers
• Participate in knowledge sharing and knowledge transfer within the team and broader business unit
• Act as a key resource and subject matter expert in at least one technology niche, field, or line of business

Requirements

• University degree or equivalent relevant experience
• 5-7 years of

Additional Information

Senior Information Security Analyst - ServiceNow (Toronto - Hybrid)

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at capco? Share your experience