Job Title: Cyber Security Risk Analyst
Location: Toronto, ON (Remote)
Duration: 12 Month’s Contract – Potential for extension
We are looking for an experienced individual to fulfil the role of a Security Analyst in our Information Technology Services team. This is an exciting opportunity for an individual who has experience in conducting cyber security risk assessments and security by design for Business requirements and projects. The Security Analyst will work with Business, Risk, Privacy and Technology teams to assess and analyze cyber security risks. The individual is expected to provide security recommendations in accordance with assessed threats and risks, while also taking into consideration required compliance and regulatory aspects of the Business. This individual is expected to document and track identified risks and recommendations through the Security Assessment report (SAR) & Quality Risk Management (QRM) and seek NITSO approvals where required.
• Act as a liaison with Business and Risk teams to gather information on Business projects and requirements. Review security in Business applications & services to ensure they meet security standards and compliance.
• Act as a subject matter expert in Cyber security related to Business requirements while ensuring prioritization of Business requirements.
• Develop and maintain security tracking for critical Business projects.
• Liaise with privacy and risk teams to align security assessments.
• Coordinate with Business and technology teams to ensure security requirements are documented as needed.
Skills & Qualification:
• Excellent knowledge of information security standards/practices (e.g., CSA CCM, ISO, PCI DSS, NIST CSF, NIST 800:53 etc.), and aspects related to data security protection.
• Previous security experience in a consultancy role collaborating with internal Technology, Project and Business teams.
• Experience interpreting business, technology, and threat drivers, and develop practical security roadmaps to deal with these drivers.
• Experience in providing security recommendations by assessing and analyzing application security testing outcomes from Secure Code review, DAST & SAST.
• Applied knowledge of methodologies to conduct threat-modeling exercises on new applications and services.
• Ability to articulate risks and recommendations by way of formal documentation along with the ability to explain the risks to Leadership as needed.
• 5+ years’ experience with secure design and project risk assessments for cloud and on-prem environments including SAAS solutions.
• Bachelor's or master's degree in information technology, Computer Science, or a related work experience, or equivalent.
About US Tech Solutions:
US Tech Solutions is a global staff augmentation firm providing a wide range of talent on-demand and total workforce solutions. To know more about US Tech Solutions, please visit www.ustechsolutions.com.