• Skip to primary navigation
  • Skip to main content
  • Skip to footer
  • Email
  • Facebook
  • Instagram
  • LinkedIn
  • Twitter

1.844.822.0541

info@nexusgroup.ca

  • English
    • Français
  • Consultant Login
  • Find Your Opportunity
Nexus Systems Group

Nexus Systems Group

  • Home
  • What We Do
    • Staffing Solutions Made Easy
    • Contingent Workforce Management and Payroll Solutions
    • Technology Consulting and Delivery
  • Who We Serve
  • Who We Are
    • Our Team
    • News and Awards
    • Associations and Community
  • Contact Us
  • News

IT Security Analyst

May 17, 2024 by

Typical Day in the Role:
– Conduct threat risk assessments on technology assets, specifically applications. Verify security controls, provide suggestion on compensating controls, and advise stakeholders on security best practices
– Work with third and fourth parties to capture data inputs to the assessments, including the review of testing reports and summaries
– Experience with architecture documentation – ability to recognize and identify risks based upon application design or implementation plan
– Review and evaluate responses to security assessments, collect and validate supporting evidence
-Review security and technical design documentation
-Understand compensating and mitigating controls
– Identify risks and understand their impact
– Clearly and intelligently communicate findings to stakeholders
-Provide guidance to stakeholders regarding risks and corresponding actions necessary to remediate said risks
-Prepare and report results to stakeholders and management
-Understand regulatory requirements and how they apply to the evaluation/assessment of tooling or solution
-Understand the financial regulations that legislate and impact technology and security controls
– Work closely with stakeholders, including application owners and business lines to ensure risk remediation or acceptance is addressed
– Conduct security risk assessments for 3rd and 4th party applications, components, services
-Understand cloud infrastructure and cloud security controls
-Work closely with third party relationship managers to define security expectations and hold vendor accountable for risk mitigation or remediation plans
-Collaborate with IT business partners and team leads

Must Have Skills/Requirements:
1. IT Security Analyst or related cybersecurity background (2+ years of experience, but will consider recent university graduates with a degree in Cyber or Information Security)
2. Recent experience working directly on Cyber Risk Assessments ( 2+ years, or 1 recent project)
3. Experienced with GCP or related Cloud Platforms
4. Prior knowledge of security engineering/architecture
5. Proficiency in MS Office with extended knowledge in MS Excel – 3+ years

Nice to have Skills:
– CISA OR CISSP Certification
– An understanding and experience with security controls/mechanisms and risk assessment techniques pertaining to complex data, application, infrastructure and networking environments proven through recent experience or last project
– Recent relevant Financial Industry Experience
– Extensive knowledge of Financial regulations and regulatory requirements (NYDFS, FIECC, Federal Reserve, Treasury, CFTC, etc.)
-Experience with vulnerability management tools such as Tripwire or Tenable
-Ability to read and interpret vulnerability, host audit/configuration and code scanning (DAST/SAST) reports

Soft Skills:
– Excellent grammar and communications skills to coordinate with senior leadership (Director, VP level and up), as well as C-Suite of some of the third party vendors
– Comfortable putting together and presenting risk assessments to a wide range of individuals
– Candidate must have a natural curiosity and the ability to assess each situation separately
– Fast, adaptable learner who can hit the ground running
-Strong organizational skills
– Ability to manage assigned tasks and expectations without direct instruction or oversight
– Ability to work well under pressure while demonstrating strong professionalism
– Must be able to collaborate closely with teams and independently
-Must be accountable to meet individual deadlines without hand holding

Education : -Bachelors/ Masters degree in cyber security, computer science, or related IT field

  • Apply Now
  • See All Jobs

Footer

ABOUT NEXUS SYSTEMS GROUP

Nexus is one of North America’s leaders in the provision of technology staff augmentation and strategic resource consulting. With a team of talented professionals using best of breed methodologies, Nexus consistently over delivers with quick, quality and trusted results to its clients and consultants.

LATEST OPPORTUNITIES

  • Junior IT Business Analyst – AI/Archer July 3, 2025
  • Senior IT Business Analyst – AI/Archer July 3, 2025
  • QA Analyst July 3, 2025
  • ServiceNow Developer/Designer x2 July 3, 2025

SOCIAL

  • Email
  • Facebook
  • Instagram
  • LinkedIn
  • Twitter
Report on Business Canada's Top Growing Companies - Nexus Group
Nexus Group Growth 500 2019
Nexus Systems Group Growth 500 2018
NEXUS GROUP SYSTEMS GROUP INC. NEXUSGROUP.CA
  • Contact Us
  • Terms & Conditions
  • Privacy Policy