Sr IT Security Analyst #100850

Job Description

Job Overview

Sr IT Security Analyst (#100850)

Request ID: 100850-1

Start/End Dates: 4/9/2026 - 1/5/2027

Work Location: downtown Toronto, near TTC and GO

Job Title: IT – Info Security Analyst – Expert

Position Title: IT Security Analyst

Line of Business: Privileged Identity & Access Services (PIAS) / Information Security

Target Start Date: April 6

Duration: 9 Months

Potential for Extension / Conversion to FTE: Extension Yes / Conversion Possible

Hybrid Work: In office 1 day/week + last Friday

Office Location: 81 Bay Street

Work Schedule: 9-5 / 37.5 hrs

Potential for OT: No

Target Rate Range: $75-90/hr on B2B

Organizational Context

The PIAS team sits within the Cyber organization and owns enterprise Privileged Access Management (PAM) and broader Identity & Access Management (IAM) capabilities. It acts as the technical business arm of IAM, bridging security tooling, infrastructure teams, and business account owners.

Key Responsibilities of the LOB

• Owning privileged access across servers and environments (including DMZ and non‑DMZ)


• Ensuring privileged accounts are properly vaulted, governed, and compliant


• Driving IAM/PAM process improvements across multiple portfolios


• Partnering with application, infrastructure, and business teams to remediate access gaps and onboard privileged accounts to standard solutions

Project Focus

This contractor will support a Privileged Access Management remediation and onboarding initiative.

Key Project Activities

• Identifying and analyzing unvaulted privileged access across servers and environments (including behind DMZs)


• Engaging account and application owners to understand how access is used, why it is required, and what risks exist


• Translating business and technical needs into vaulted account requirements


• Coordinating with multiple technology teams involved in provisioning, validation, and PAM onboarding


• Supporting onboarding of human privileged access (CyberArk) and limited non‑human access (HashiCorp Vault – exposure may be minimal but possible)


• Producing technical and procedural documentation


• Driving process enhancements and improvements across PAM portfolios that may extend beyond this single initiative

Must‑Have Qualifications

• 8–10+ years of experience across IT, Security, or IAM/PAM roles


• Strong experience acting as a technical Business Analyst


• Direct experience with Privileged Access Management concepts


• Hands‑on experience or strong working knowledge of CyberArk


• Ability to analyze existing access, assess risk, and translate needs into requirements


• Experience coordinating across multiple technology and business teams


• Strong documentation skills (technical + procedural)

Nice to Have

• Experience with HashiCorp Vault (especially non‑human privileged access)


• IAM/PAM experience in a financial institution or regulated environment


• Security certifications (CISSP, CISM, CRISC, CCSP – asset)

Soft Skills

• Strong stakeholder engagement and communication skills


• Ability to run effective meetings, coordinate contributors, and capture actions


• Comfortable working with ambiguity and incomplete information


• Strong written communication and documentation capability


• Confident, mature professional – not a junior L7

Closing Date

Positions close on March 20 at 4 pm.