Senior Information Security Analyst GRC #29229
12/30/2019 - 10/29/2020
Toronto - Yonge Street, at Front St
IT - Info Security Analyst - Consultant
Role Title: Senior Information Security Analyst
Line of Business:
Target Start Date:
December 30th, 2019 (ASAP)
Number of Positions:
10 months from start date
Monday - Friday, 9:00 am – 5:00 pm - 7.5 hours/day. 37.50 hours/week. No overtime expected.
Possibility of Extension/Conversion:
Extension is not expected but may be available depending on workload and business needs.
Reason the Role is Open:
Net new position to support increased team workload
Risk Management Services Team – This team is responsible for the security rick management enterprise-wide, providing security advise to the business and helping the business identify and monitor security risk.
What Project Will the Contractor Be Working On:
- Demonstrate experience in Information Security, Threat-risk assessments, Vulnerability & Penetration testing, and application security development projects
- Execute detailed threat risk and information security assessments, deviations, coordination of penetration testing and reporting.
- Help us complete requests from external partners (corporate and institutional clients) and recommend new controls to reduce risks.
- Ability to give or find meaning to data.
- Will be required to investigate complex problems and make sense of information.
- Ability to communicate detailed and complex information in an impactful way to difference audiences.
- Build and present documentation to executive management aimed at communicating potential risks and providing recommendations. Provide feedback to and participate in the design and implementation of security assessment processes across the organization. Research, design, and implement security monitoring practices and operationalize these processes across the group.
This role will be supporting process change initiatives related to risk assessments
Who Will the Contractor Be Working with on a Daily Basis:
They will be working with the risk advisory team (those performing risk assessments day-to-day), the business integration team, and various technology teams as-needed.
Nice to Have:
- 10+ years of Information Security experience
- 2-5+ years of experience performing risk assessments, or strong familiarity with the risk assessment process
- Exposure to process analysis/process engineering
- Good presentation skills, able to create slide decks and presentation packages
- Exposure to Agile Development processes
- RSA Archer experience
- CISSP certification
- Previous banking experience
- Strong Leadership & Coaching skills
- Excellent verbal and written communication skills
- Problem-solving skills, customer service and interpersonal skills
- Ability to work independently and manage one’s time
This request will go on hold and be closed for submissions on Wednesday, December 11th at 3:15 pm.