
Senior Information Security Analyst - ServiceNow (Toronto - Hybrid)
The Role
The Senior Information Security Analyst (ServiceNow) is responsible for developing, implementing, and supporting technology processes and change control that help protect the organization. This role provides subject matter expertise in ITSM with a focus on Change Management and delivery (Release Management), risk assessment and identification of control gaps to mitigate risk.
The successful candidate contributes to projects of moderate to high complexity and delivers reporting, analysis, and assessments that support functional, business line, and enterprise-level objectives A key focus of the role is supporting and enhancing ServiceNow capabilities across multiple pillars, including day-to-day operational activities, process improvements, and product delivery
Key Responsibilities
Provide expert consultation and advice to business and technology partners on technology controls, information security programs, policies, standards, and security incidents within the specialized area of responsibility
Conduct project-level consulting on risk assessments, control design, control effectiveness, vulnerability assessments, and other relevant security matters
Lead or contribute to risk and control design assessments across an application portfolio, documenting the business and enterprise impact of control gaps, including mitigation strategies and remediation plans
Support the definition, development, and oversight of enterprise security management strategies and frameworks
Help ensure that appropriate technology, governance, and processes are in place to monitor, detect, prevent, and respond to current and emerging security threats
Collaborate proactively with stakeholders, service owners, and platform owners to integrate security requirements into enterprise architecture and address identified control gaps
Provide consultation on regulatory compliance requirements, related reporting, and inquiries
Participate in security incident response activities relevant to the business or enterprise and represent the functions position to stakeholders as needed
Adhere to internal policies, procedures, technology control standards, and applicable regulatory guidelines Contribute to the review of internal processes and identify opportunities to improve efficiency, effectiveness, and control outcomes
Support and advise on enterprise frameworks and methodologies related to technology controls and information security activities
Promote a strong risk management culture by influencing behaviors that reduce risk across the enterprise Remain informed on emerging issues, industry trends, and regulatory changes, and assess their potential impact on the Bank
Define, develop, implement, and manage standards, policies, procedures, and solutions that mitigate risk while maximizing security, service availability, and operational efficiency
Build and maintain effective relationships across technology, business, and control functions to ensure alignment with enterprise and regulatory requirements
Identify key issues, escalate them appropriately, and support remediation and risk treatment activities where required
Contribute to business-specific, cross-functional, and enterprise initiatives as a subject matter expert, providing risk guidance and supporting complex reporting, analysis, and assessments ServiceNow Focus
Perform extensive work within ServiceNow across multiple pillars and modules
Support business-as-usual activities, including review and processing within Change Management, Incident Management, and Problem Management
Contribute to ServiceNow process and module improvement initiatives
Support ServiceNow product development and delivery activities
Leverage knowledge of modules such as Change, Incident, Problem, TDAR, CMDB, and related reporting capabilities to support risk management, governance, and operational objectives Team and Leadership Expectations
Continuously enhance knowledge and expertise in information security, risk, and ServiceNow capabilities
Keep current on emerging trends, developments, and analytical tools relevant to the role
Prioritize and manage workload effectively to deliver quality results within assigned timelines
Support a positive work environment that promotes service, innovation, teamwork, and timely communication of issues and opportunities
Identify and recommend opportunities to improve productivity, effectiveness, and operational efficiency
Establish effective relationships across business and technology teams, program managers, and project managers
Participate in knowledge sharing and knowledge transfer within the team and broader business unit
Act as a key resource and subject matter expert in at least one technology niche, field, or line of business
Qualifications
University degree or equivalent relevant experience
5-7 years of relevant experience in information security, technology controls, risk management, or a related field
Sound knowledge and practical experience working with ServiceNow modules, including Change, Incident, Problem, TDAR, and CMDB
Experience generating reports and analysis within ServiceNow
Sound to advanced knowledge of organizational processes, technology controls, security, and risk issues Experience contributing to projects of moderate to high complexity
Why Join Capco
We offer a competitive, people-first benefits package designed to support every aspect of your life:
Benefits
Use of Artificial Intelligence in Talent Acquisition
At Capco, we use artificial intelligence (AI) tools to support and enhance several parts of talent acquisition. This includes using AI-enabled features within LinkedIn to help source potential candidates, speeding up routine recruitment communications such as emails and creating compelling and brand-aligned job postings that accurately reflect role requirements, and AI-scheduling applications to improve the efficiency of interview coordination.
AI is used as a support tool only. All hiring decisions are made by talent acquisition and hiring teams.
Why This Role Is Open
We are currently hiring for this role due to an existing or newly created vacancy within our organization. This position is open as part of our ongoing business needs, and we are actively reviewing applications to fill this role with a qualified candidate who can make an immediate impact.
Inclusion at Capco
Were committed to making our recruitment process accessible and straightforward for everyone. If you need any adjustments at any stage, just let us know well be happy to help. We value each persons unique perspective and contribution. At Capco, we believe that being yourself is your greatest strength. Our #BeYourselfAtWork culture encourages individuality and collaboration a mindset that shapes how we work with clients and each other every day.
The salary range for this position is listed below. Additionally, this position may also be eligible to receive an annual discretionary/variable bonus payment.
Capco is committed to providing fair and equitable compensation to our people. Our compensation policies and salary ranges are designed to allow our people to progress through the salary range as they demonstrate strong performance and develop in their role over time. The base pay offered to selected candidates will be within the salary range and the placement will vary based upon a variety of factors, including, but not limited to job-related knowledge, skills, experience and internal equity.