IT Security Analyst - Cyber Security Threat Risk Assessment
Contract Duration 6 months - potential for conversion to FTE within 6 months
Typical Day in the Role:
IT Security Analyst - Cyber Security Threat Risk Assessment will conduct threat risk assessments on technology assets, specifically applications.
Verify security controls, provide suggestions on compensating controls, and advise stakeholders on security best practices
Work with third and fourth parties to capture data inputs to the assessments, including the review of testing reports and summaries
Experience with architecture documentation – ability to recognize and identify risks based on application design or implementation plan
IT Security Analyst will review and evaluate responses to security assessments, collect and validate supporting evidence
Review security and technical design documentation
Understand compensating and mitigating controls
Identify risks and understand their impact
Clearly and intelligently communicate findings to stakeholders
Provide guidance to stakeholders regarding risks and corresponding actions necessary to remediate said risks
Prepare and report results to stakeholders and management
Understand regulatory requirements and how they apply to the evaluation/assessment of tooling or solution
Understand the financial regulations that legislate and impact technology and security controls
IT Security Analyst will work closely with stakeholders, including application owners and business lines to ensure risk remediation or acceptance is addressed
Conduct security risk assessments for 3rd and 4th party applications, components, services
Understand cloud infrastructure and cloud security controls
Work closely with third-party relationship managers to define security expectations and hold vendors accountable for risk mitigation or remediation plans
Collaborate with IT business partners and team leads
Soft Skills:
Excellent grammar and communications skills to coordinate with senior leadership (Director, VP level and up), as well as C-Suite of some of the third-party vendors
Comfortable putting together and presenting risk assessments to a wide range of individuals
Candidate must have a natural curiosity and the ability to assess each situation separately
A fast, adaptable learner who can hit the ground running
Strong organizational skills
Ability to manage assigned tasks and expectations without direct instruction or oversight
Ability to work well under pressure while demonstrating strong professionalism
Must be able to collaborate closely with teams and independently
Must be accountable to meet individual deadlines without hand-holding
Required Education:
Bachelors/ Masters degree in cyber security, computer science, or related IT field
Must-Have Skills/Requirements:
IT Security Analyst or related cybersecurity background (3+ years of experience)
Recent experience working directly on Cyber Risk Assessments ( 2+ years, or 1 recent project)
An understanding and experience with security controls/mechanisms and risk assessment techniques pertaining to complex data, application, infrastructure, and networking environments proven through recent experience or the last project
Proficiency in MS Office with extended knowledge in MS Excel ed) – 3+ years
CISA OR CISSP Certification
Nice To Have Skills:
Recent relevant Financial Industry Experience
Extensive knowledge of Financial regulations and regulatory requirements (NYDFS, FIECC, Client, Treasury, CFTC, etc.)
Experience with vulnerability management tools such as Tripwire, Nessus, Pentera
Ability to read and interpret vulnerability reports, code scans
Note:
Candidate may be required to provide other IT Security support as needed
No candidates with an IT Risk background unless they have strong cyber experience or educational background
No project managers
Candidates may work remotely with periodic meetings onsite in NYC offices
Benefits:
Medical, Vision, and Dental Insurance Plans
401k Retirement Fund
About The Company
Our client is one of Canada's Big Five banks. It serves more than 25 million customers around the world and offers a range of products and services including personal and commercial banking, wealth management, and corporate and investment banking.
Why work with our client? Because your career is a journey, together you can fill it with challenges, mutual inspiration, and growth for every future. This company is an internationally recognized and award-winning workplace. They are always on the lookout for fresh thinking and unique skills. Our client put their people first, and because this company is performance-based and driven to succeed, its employees are rewarded for their contributions.
#gtttf
Seniority level
Mid-Senior level
Employment type
Contract
Job function
Information Technology
Industries
Staffing and Recruiting
Referrals increase your chances of interviewing at Global Technical Talent, an Inc. 5000 Company by 2x