Senior Information Security Analyst - ServiceNow (Toronto - Hybrid)

Senior Information Security Analyst - ServiceNow (Toronto - Hybrid)

 

The Role

The Senior Information Security Analyst (ServiceNow) is responsible for developing, implementing, and supporting technology processes and change control that help protect the organization.  This role provides subject matter expertise in ITSM with a focus on Change Management and delivery (Release Management), risk assessment and identification of control gaps to mitigate risk.

The successful candidate contributes to projects of moderate to high complexity and delivers reporting, analysis, and assessments that support functional, business line, and enterprise-level objectives A key focus of the role is supporting and enhancing ServiceNow capabilities across multiple pillars, including day-to-day operational activities, process improvements, and product delivery

Key Responsibilities

• Provide expert consultation and advice to business and technology partners on technology controls, information security programs, policies, standards, and security incidents within the specialized area of responsibility

• Conduct project-level consulting on risk assessments, control design, control effectiveness, vulnerability assessments, and other relevant security matters

• Lead or contribute to risk and control design assessments across an application portfolio, documenting the business and enterprise impact of control gaps, including mitigation strategies and remediation plans

• Support the definition, development, and oversight of enterprise security management strategies and frameworks

• Help ensure that appropriate technology, governance, and processes are in place to monitor, detect, prevent, and respond to current and emerging security threats

• Collaborate proactively with stakeholders, service owners, and platform owners to integrate security requirements into enterprise architecture and address identified control gaps

• Provide consultation on regulatory compliance requirements, related reporting, and inquiries

• Participate in security incident response activities relevant to the business or enterprise and represent the function’s position to stakeholders as needed

• Adhere to internal policies, procedures, technology control standards, and applicable regulatory guidelines • Contribute to the review of internal processes and identify opportunities to improve efficiency, effectiveness, and control outcomes

• Support and advise on enterprise frameworks and methodologies related to technology controls and information security activities

• Promote a strong risk management culture by influencing behaviors that reduce risk across the enterprise • Remain informed on emerging issues, industry trends, and regulatory changes, and assess their potential impact on the Bank

• Define, develop, implement, and manage standards, policies, procedures, and solutions that mitigate risk while maximizing security, service availability, and operational efficiency

• Build and maintain effective relationships across technology, business, and control functions to ensure alignment with enterprise and regulatory requirements

• Identify key issues, escalate them appropriately, and support remediation and risk treatment activities where required

• Contribute to business-specific, cross-functional, and enterprise initiatives as a subject matter expert, providing risk guidance and supporting complex reporting, analysis, and assessments ServiceNow Focus 

• Perform extensive work within ServiceNow across multiple pillars and modules

• Support business-as-usual activities, including review and processing within Change Management, Incident Management, and Problem Management

• Contribute to ServiceNow process and module improvement initiatives

• Support ServiceNow product development and delivery activities

• Leverage knowledge of modules such as Change, Incident, Problem, TDAR, CMDB, and related reporting capabilities to support risk management, governance, and operational objectives Team and Leadership Expectations

• Continuously enhance knowledge and expertise in information security, risk, and ServiceNow capabilities

• Keep current on emerging trends, developments, and analytical tools relevant to the role 

• Prioritize and manage workload effectively to deliver quality results within assigned timelines

• Support a positive work environment that promotes service, innovation, teamwork, and timely communication of issues and opportunities

• Identify and recommend opportunities to improve productivity, effectiveness, and operational efficiency

• Establish effective relationships across business and technology teams, program managers, and project managers

• Participate in knowledge sharing and knowledge transfer within the team and broader business unit

• Act as a key resource and subject matter expert in at least one technology niche, field, or line of business

 

Qualifications

• University degree or equivalent relevant experience

• 5-7 years of relevant experience in information security, technology controls, risk management, or a related field

• Sound knowledge and practical experience working with ServiceNow modules, including Change, Incident, Problem, TDAR, and CMDB

• Experience generating reports and analysis within ServiceNow

• Sound to advanced knowledge of organizational processes, technology controls, security, and risk issues • Experience contributing to projects of moderate to high complexity 

 

We offer a competitive, people-first benefits package designed to support every aspect of your life:

Benefits

• Comprehensive Benefits Coverage – 100% company-paid health, life, and disability insurance effective from Day 1 of employment
• Retirement Savings Program – Registered Retirement Savings Plan (RRSP) with the option of employer matching contributions
• Virtual Health Care – Company-paid program for employees and their dependents/partners
• Employee & Family Assistance Program (EFAP) – Support services for employees and their dependents/partners
• Parental Leave Top-Up – Enhanced parental leave benefits from Day 1
• Wellness Support – Fitness reimbursement to promote well-being
• Business Coach from Day 1 – Personalized coaching to support career growth

Why Join Capco

• Deliver high-impact technology solutions for Tier 1 financial institutions
• Work in a collaborative, flat, and <span style="color:red">entrepreneurial</span> consulting culture
• Access continuous learning, training, and industry certifications
• Be part of a team shaping the future of digital financial services
• Help shape the future of digital transformation across FS & Energy.

Use of Artificial Intelligence in Talent Acquisition
At Capco, we use artificial intelligence (AI) tools to support and enhance several parts of talent acquisition. This includes using AI-enabled features within LinkedIn to help source potential candidates, speeding up routine recruitment communications such as emails and creating compelling and brand-aligned job postings that accurately reflect role requirements, and AI-scheduling applications to improve the efficiency of interview coordination.

AI is used as a support tool only. All hiring decisions are made by talent acquisition and hiring teams.

Why This Role Is Open
We are currently hiring for this role due to an existing or newly created vacancy within our organization. This position is open as part of our ongoing business needs, and we are actively reviewing applications to fill this role with a qualified candidate who can make an immediate impact.

Inclusion at Capco
We’re committed to making our recruitment process accessible and straightforward for everyone. If you need any adjustments at any stage, just let us know – we’ll be happy to help. We value each person’s unique perspective and contribution. At Capco, we believe that being yourself is your greatest strength. Our #BeYourselfAtWork culture encourages individuality and collaboration – a mindset that shapes how we work with clients and each other every day.