Senior IT Security Analyst

BC Investment Management Corporation

January 13, 2015

Original postings on the Viatec site are removed after the position is closed, but the posting will be archived here. The original posting was at

Job Category: 
Job Specialization: 
IT Management
Company Overview: 

The British Columbia Investment Management Corporation (bcIMC), one of Canada’s largest institutional investors, provides funds management services for public bodies and publicly administered trust funds. We operate in a global environment with significant international investments in our client asset portfolios, and we are committed to best practices in our industry.

bcIMC aims to be the fund manager of choice for the British Columbia public sector, and we achieve this by building trust with our clients through superior investment management, open and clear communication and high quality client service. Key to these efforts are our employees. We look for ethical people who have true passion for the investment industry, and who are committed to providing exceptional client service and delivering superior investment performance.

Job Summary: 

General Description:

The Information Technology Department is responsible for developing technology solutions that can best contribute to the achievement of bcIMC’s mission and long-term objectives.The Department manages the Corporation’s information technology architecture and technical infrastructure, providing support to end users including problem resolution, training and education.The Department is also responsible for conducting disaster recovery planning and contributes to corporate business continuation planning to minimize potential impact on the delivery of investment services.

The position provides professional advice and direction on all aspects of IT security including but not limited to: user authorization, authentication schemes and matrixes, new application deployment, intrusion detection and response, network security, anti-virus and malicious software detection, employee awareness, investigation and reporting on security breaches and misuse of IT resources. This position makes recommendations regarding security policy, standards, education, management practices and procedures to address the changing scope of security threats and technology.  The Senior IT Security Analyst reports to the Manager, Infrastructure & IT Security, and works closely with other members of the IT Department and the organization.


The Senior IT Security Analyst should have:

  • Academic qualifications in Computer Science and a minimum three years of progressive experience in IT security, controls and compliance.
  • A high level of integrity consistent with distinguished service in fiduciary, law enforcement or other positions of public trust.
  • Experience in a Windows OS and application environment.
  • Experience with complex financial systems, VPNs and client/server technology, required.
  • Experience with Security Information and Event Management programs and practices.
  • Desirable qualifications include designation as a Certified Information Systems Security Professional, or equivalent professional designation.

Specific Accountabilities:

  • Working under direction from the Manager, Infrastructure & IT Security – contributes to the IT Security Framework and administers the IT Security program by monitoring, detecting, remediating, strategizing and implementing all IT security tools, processes, documents, incidents and initiatives.
  • Participates in the ongoing development and execution of IT security awareness training programs across the enterprise to ensure alignment with the overall technology strategy and compliance to regulatory and established IT security standards.
  • Provides technical IT security expertise and operational support in the development and implementation of security plans, standards and policies for networks, systems and mission critical business applications; applies knowledge of IT infrastructure to monitor and evaluate security risks and controls and works closely with technical support staff and management to develop and implement mitigation strategies.
  • Performs IT security monitoring, analysis and response: reviews supplemental program changes; reviews non‑core access to the building for suspicious activity; monitors access structures ensuring access occurs at the proper functional level to preserve the confidentiality, integrity and availability of IT systems.
  • Provides first line of contact/support for security incidents, analyzing critical IT issues, identifying risks/threats and recommending appropriate action and on-going solutions to eliminate a reoccurrence; produces reports on the results of investigations, including recommending corrective actions for data, systems processes, policies, procedures, or controls.
  • Conducts research and provides technical advice about emerging trends, issues and developments in the information security industry.
  • Provides security expertise and advice to senior management, conducts analysis to identify risks and exposures, develops and implements safeguards, measures compliance to security standards and policies and prepares quarterly updates on information technology risk initiatives.
  • Works with external auditors during the annual IT Controls Review, demonstrating the effective accomplishment of compliance goals and objectives.
  • Actively adheres to compliance and risk management policies, and participates in business continuity planning.
How To Apply: 

Please visit for detailed position information and instructions on how to apply, citing File #278, by January 30, 2015.