CAN – Security Specialist V (Security Metrics & Reporting) (Contract)
Start Date: ASAP
Duration: 8 months
Extension: Possible (based on business needs and performance)
Conversion: Possible (based on business needs and performance)
Schedule: Mon–Fri, core business hours (37.5 hrs/week)
Location: Hybrid – Toronto, ON (2 days onsite; may increase to 4 days)
Overtime: No
Role Overview
Seeking a Security Metrics & Reporting Analyst to support BAU execution of cybersecurity metrics across GRC-related functions. This role focuses on recurring metric refreshes, dashboard maintenance, data quality validation, and delivery of executive and operational reporting in partnership with security domain teams and data owners.
Key Responsibilities
- Execute recurring security metric refresh cycles (weekly/monthly/quarterly)
- Maintain reporting calendars; track dependencies, completion, and exceptions
- Maintain dashboards and reporting outputs (e.g., Power BI/Tableau), including refresh validation and formatting
- Produce executive and operational reporting packages (scorecards, ops reviews, risk reports)
- Perform data quality checks (variance analysis, logic validation, missing data flags)
- Document metric definitions, calculations, and data sources
- Support metric changes (definitions, thresholds, dashboard enhancements) through governance
- Act as a point of contact for metric clarification, narratives, and audit evidence support
Required Qualifications
- 5+ years of experience in reporting, analytics, operations, cybersecurity support, IT risk, or compliance
- Advanced Excel and strong PowerPoint skills
- Experience with at least one BI/dashboarding tool (Power BI, Tableau, or Qlik)
- Strong communication skills with technical and non-technical stakeholders
- High attention to detail and comfort managing recurring deliverables and deadlines
Nice to Have
- Familiarity with cybersecurity domains (SOC/IR, vulnerability, IAM, security awareness)
- Experience with security data sources (ServiceNow, Archer, Splunk/Sentinel, Tenable/Qualys)
- Knowledge of security frameworks (NIST CSF, ISO 27001)
Note: We use AI tools to obtain basic information, detect plagiarism, false employment history or references, categorize skills, and perform an initial match against the job posting.
