About our Client:
Our client is a leading organization in the financial services sector, focusing on delivering secure and reliable solutions for their customers. They are dedicated to ensuring compliance with industry standards and regulatory requirements while supporting a wide range of IT projects. They value innovation, customer engagement, and maintaining a secure operational environment.
About the Role:
Our client is seeking a dynamic Security Analyst to join their team on a 1-year renewable contract. You will be a key member of a security team that collaborates with IT projects to identify and mitigate risks. Your day will begin with a scrum meeting with the security team, followed by independent assessments of security requirements within various IT sectors. Although you will work independently to identify risks, you will receive support and guidance as an active member of the security team.
Responsibilities:
- Participate in project planning sessions to define security roadmaps.
- Identify security requirements and potential risks, ensuring alignment with the company's security framework.
- Categorize information assets and evaluate risk scenarios to mitigate residual risks.
- Present residual risks to asset owners and collaborate in defining actionable plans.
- Provide guidance on information security best practices to support IT teams.
- Offer professional and pragmatic security recommendations in line with established standards and the company's risk appetite.
- Maintain and manage security documentation, utilizing advanced Microsoft Office skills (Word, Excel, PowerPoint).
Candidate Profile:
The ideal candidate should possess:
- Strong communication, time management, and report writing skills.
- Expertise in information security technologies and security concepts such as encryption, logging, monitoring, access management, and cloud computing.
- Problem-solving, organizational, and analytical skills to articulate complex security concepts clearly.
- Experience managing documents and presentations using Microsoft Office.
- Familiarity with networking fundamentals (strong asset).
- Ability to work independently and maintain effective relationships with stakeholders of various levels.
- Understanding of IT project lifecycles including requirements, analysis, planning, design, development, and release.
- Knowledge of regulatory requirements and information security standards (e.g., NIST, ISO 27001) and best practices.
- Familiarity with Lean/Agile principles (an asset).
- Experience in the insurance and financial services industry (an asset).
- Bilingual proficiency (French/English) (an asset).
Education and Experience:
- Minimum of 4 years of experience in cybersecurity controls and risk management.
- An undergraduate degree (or higher) in Information Security Management, Risk Management, Computer Science, Engineering, or a related field.
- Industry-recognized certifications such as CISSP, CISM, or CISA (an asset).
- Strong understanding of cybersecurity frameworks and guidelines (e.g., ISO 27001, NIST SP 800-30/34, NIST CSF).
Start Date: As soon as possible
Language Requirements: Bilingual French/English (an asset)