Location: WFH – Toronto
Contract Duration: 6 months
Your Business Line: Need an advisory to lead a project and provide risk assessment process, and provide risk assessment document. Have to review the security document with architect team to determine controls that need to be replaced.
Story Behind the Need
• Project Summary: The main function of a IT Security Analyst is to plan, coordinate, and implement security measures for information systems to regulate access to computer data files and prevent unauthorized modification, destruction or disclosure of information.
A typical IT Security Analyst is responsible for planning, coordinating and implementing security measures to safeguard the computer database.
The role is critical to continue the work on Trade Risk Assessments (TRAs) for Medium-Critical projects, and track the remediation of risk items identified in previous threat risk assessments.
Work on threat risk assessments and track the remediation of risk items identified in previous Trade Risk Assessments (TRAs)
Job Responsibilities:
– Identify security issues and risks, and develop mitigation plans
– Architect, design, implement, support, and evaluate security-focused tools and services including project leadership roles
– Develop and interpret security policies and procedures
– Participate in security compliance efforts
– Develop and deliver training materials and perform general security awareness and specific security technology training
– Evaluate and recommend new and emerging security products and technologies
Is this role right for you?
– You want to be leading complex projects providing security advise to ensure information security risk are mitigated.
– You thrive in solutioning for multiple security domains (Security Management, Security Engineering, Identity and Access Management, etc.).
– You excel in reviewing documents (Security Design) and creating assessment documents (Threat Risk Assessment).
– You are passionate in new technologies and enjoy the challenges of implementing security controls to protect them.
– Working on different types of projects (from large complex to simple) is a part of your DNA.
– You love to collaborate with various business lines, IT support functions and IS&C Control functions.
Qualifications of Must have skills:
1. You possess advanced communication (verbal/written/presentation) skills in English.
2. You have at least 5 years of hands-on technical working experience in performing threat risk assessments on complex applications and network environments.
3. You have at least 5 years of hands-on technical working experience with security controls/mechanisms.
4. You have used industry leading productivity tools to produce quantitative/qualitative reports; data flow diagrams & visual presentations.
Nice to have skills:
1. Advanced communication (verbal/written/presentation) skills in Spanish is a strong asset.
2. Certifications (CISSP, CISM, CCSP, CRISC) are nice to have.
3.Prior work experience within Risk Management for FI or Banking is an asset
Education:
Post-secondary education in Computer Science or in a related field.