• Skip to primary navigation
  • Skip to main content
  • Skip to footer
  • Adresse mail
  • Facebook
  • Instagram
  • Linkedin
  • Twitter

1.844.822.0541

info@nexusgroup.ca

  • Français
    • English
  • Login consultant
  • Offres d’emploi
Nexus Systems Group

Nexus Systems Group

  • Accueil
  • Ce que nous faisons
    • Les solutions de dotation rendues faciles
    • Gestion de la main-d’œuvre occasionnelle et solutions de paie
    • Services-conseils en technologie et prestation
  • Qui nous servons
  • Qui nous sommes
    • Notre équipe
    • Nouvelles et prix
    • Associations et communauté
  • Nous contacter
  • Blogue

IT Security Analyst

mai 17, 2024 by

Typical Day in the Role:
– Conduct threat risk assessments on technology assets, specifically applications. Verify security controls, provide suggestion on compensating controls, and advise stakeholders on security best practices
– Work with third and fourth parties to capture data inputs to the assessments, including the review of testing reports and summaries
– Experience with architecture documentation – ability to recognize and identify risks based upon application design or implementation plan
– Review and evaluate responses to security assessments, collect and validate supporting evidence
-Review security and technical design documentation
-Understand compensating and mitigating controls
– Identify risks and understand their impact
– Clearly and intelligently communicate findings to stakeholders
-Provide guidance to stakeholders regarding risks and corresponding actions necessary to remediate said risks
-Prepare and report results to stakeholders and management
-Understand regulatory requirements and how they apply to the evaluation/assessment of tooling or solution
-Understand the financial regulations that legislate and impact technology and security controls
– Work closely with stakeholders, including application owners and business lines to ensure risk remediation or acceptance is addressed
– Conduct security risk assessments for 3rd and 4th party applications, components, services
-Understand cloud infrastructure and cloud security controls
-Work closely with third party relationship managers to define security expectations and hold vendor accountable for risk mitigation or remediation plans
-Collaborate with IT business partners and team leads

Must Have Skills/Requirements:
1. IT Security Analyst or related cybersecurity background (2+ years of experience, but will consider recent university graduates with a degree in Cyber or Information Security)
2. Recent experience working directly on Cyber Risk Assessments ( 2+ years, or 1 recent project)
3. Experienced with GCP or related Cloud Platforms
4. Prior knowledge of security engineering/architecture
5. Proficiency in MS Office with extended knowledge in MS Excel – 3+ years

Nice to have Skills:
– CISA OR CISSP Certification
– An understanding and experience with security controls/mechanisms and risk assessment techniques pertaining to complex data, application, infrastructure and networking environments proven through recent experience or last project
– Recent relevant Financial Industry Experience
– Extensive knowledge of Financial regulations and regulatory requirements (NYDFS, FIECC, Federal Reserve, Treasury, CFTC, etc.)
-Experience with vulnerability management tools such as Tripwire or Tenable
-Ability to read and interpret vulnerability, host audit/configuration and code scanning (DAST/SAST) reports

Soft Skills:
– Excellent grammar and communications skills to coordinate with senior leadership (Director, VP level and up), as well as C-Suite of some of the third party vendors
– Comfortable putting together and presenting risk assessments to a wide range of individuals
– Candidate must have a natural curiosity and the ability to assess each situation separately
– Fast, adaptable learner who can hit the ground running
-Strong organizational skills
– Ability to manage assigned tasks and expectations without direct instruction or oversight
– Ability to work well under pressure while demonstrating strong professionalism
– Must be able to collaborate closely with teams and independently
-Must be accountable to meet individual deadlines without hand holding

Education : -Bachelors/ Masters degree in cyber security, computer science, or related IT field

  • Appliquer maintenant
  • Voir tous les emplois

Footer

À PROPOS DE SYSTEMS NEXUS GROUP

Nexus est l’un des chefs de file nord-américains dans la prestation d’augmentation du personnel technologique et de consultation en ressources stratégiques. Grâce à son équipe de professionnels chevronnés qui utilise les meilleures méthodologies de leur catégorie, Nexus tient toujours plus que ses promesses, en livrant des résultats rapides, de qualité et dignes de foi à ses clients et consultants.

DERNIÈRES OPPORTUNITÉS

  • Advisor Solutions Manager juin 19, 2025
  • Bilingual Translation Proofreader juin 19, 2025
  • QA Test Lead – Salesforce juin 18, 2025
  • Software Developer juin 18, 2025

SOCIAL

  • Adresse mail
  • Facebook
  • Instagram
  • Linkedin
  • Twitter
Report on Business Canada's Top Growing Companies - Nexus Group
Nexus Group Growth 500 2019
Nexus Systems Group Growth 500 2018
NEXUS GROUP SYSTEMS GROUP INC. NEXUSGROUP.CA
  • Nous contacter
  • Politique de confidentialité
  • Termes et conditions