Senior Information Security Analyst GRC

CG Consulting Group - Toronto, ON (30+ days ago)

Apply Now

Senior Information Security Analyst GRC #29229

Request ID: 29229-1
Start/End Dates: 12/30/2019 - 10/29/2020
Work Location: Toronto - Yonge Street, at Front St
Job Title: IT - Info Security Analyst - Consultant

Job Description: Role Title: Senior Information Security Analyst
Line of Business: Enterprise-Wide
Target Start Date: December 30th, 2019 (ASAP)
Number of Positions: 1
Duration: 10 months from start date
Hours: Monday - Friday, 9:00 am – 5:00 pm - 7.5 hours/day. 37.50 hours/week. No overtime expected.
Possibility of Extension/Conversion: Extension is not expected but may be available depending on workload and business needs.

Reason the Role is Open: Net new position to support increased team workload

Group Information: Risk Management Services Team – This team is responsible for the security rick management enterprise-wide, providing security advise to the business and helping the business identify and monitor security risk.

Job Responsibilities:
  • Demonstrate experience in Information Security, Threat-risk assessments, Vulnerability & Penetration testing, and application security development projects
  • Execute detailed threat risk and information security assessments, deviations, coordination of penetration testing and reporting.
  • Help us complete requests from external partners (corporate and institutional clients) and recommend new controls to reduce risks.
  • Ability to give or find meaning to data.
  • Will be required to investigate complex problems and make sense of information.
  • Ability to communicate detailed and complex information in an impactful way to difference audiences.
  • Build and present documentation to executive management aimed at communicating potential risks and providing recommendations. Provide feedback to and participate in the design and implementation of security assessment processes across the organization. Research, design, and implement security monitoring practices and operationalize these processes across the group.
What Project Will the Contractor Be Working On: This role will be supporting process change initiatives related to risk assessments

Who Will the Contractor Be Working with on a Daily Basis: They will be working with the risk advisory team (those performing risk assessments day-to-day), the business integration team, and various technology teams as-needed.

Must-Have Skills/Experience:
  • 10+ years of Information Security experience
  • 2-5+ years of experience performing risk assessments, or strong familiarity with the risk assessment process
  • Exposure to process analysis/process engineering
  • Good presentation skills, able to create slide decks and presentation packages
  • Exposure to Agile Development processes
Nice to Have:
  • RSA Archer experience
  • CISSP certification
  • Previous banking experience
Soft Skills:
  • Strong Leadership & Coaching skills
  • Excellent verbal and written communication skills
  • Problem-solving skills, customer service and interpersonal skills
  • Ability to work independently and manage one’s time
Release Comments: This request will go on hold and be closed for submissions on Wednesday, December 11th at 3:15 pm.