Your Business Line:
• Enterprise Technology Advisory Services – Risk assessments. Need an advisory to lead a project and provide risk assessment process, and provide risk assessment document.
• Have to review the security document with architect team to determine controls that need to be replaced.
Story Behind the Need:
• Project Summary : The main function of a IT Security Analyst is to plan, coordinate, and implement security measures for information systems to regulate access to computer data files and prevent unauthorized modification, destruction or disclosure of information.
• A typical IT Security Analyst is responsible for planning, coordinating and implementing security measures to safeguard the computer database.
• The role is critical to continue the work on Trade Risk Assessments (TRAs? for Medium-Critical projects, and track the remediation of risk items identified in previous threat risk assessments.
• Work on threat risk assessments and track the remediation of risk items identified in previous Trade Risk Assessments (TRAs)
• Identify security issues and risks, and develop mitigation plans Architect, design, implement, support, and evaluate security-focused tools and services including project leadership roles Develop and interpret security policies and procedures
• Participate in security compliance efforts
• Develop and deliver training materials and perform general security awareness and specific security technology training
• Evaluate and recommend new and emerging security products and technologies
Best Vs Average Candidate:
Is this role right for you?
• You want to be leading complex projects providing security advise to ensure information security risk are mitigated.
• You thrive in solutioning for multiple security domains (Security Management, Security Engineering, Identity and Access Management, etc.).
• You excel in reviewing documents (Security Design) and creating assessment documents (Threat Risk Assessment).
• You are passionate in new technologies and enjoy the challenges of implementing security controls to protect them.
• Working on different types of projects (from large complex to simple) is a part of your DNA.
• You love to collaborate with various business lines, IT support functions and IS&C Control functions.
Qualifications of Must have skills:
Do you have the skills that will enable you to succeed in this role?
• You possess advanced communication (verbal/written/presentation) skills in English.
• You have at least 5 years of hands-on technical working experience in performing threat risk assessments on complex applications and network environments.
• You have at least 5 years of hands-on technical working experience with security controls/mechanisms.
• You have used industry leading productivity tools to produce quantitative/qualitative reports; data flow diagrams & visual presentations.
Nice to have skills:
• Advanced communication (verbal/written/presentation) skills in Spanish is a strong asset.
• Certifications (CISSP, CISM, CCSP, CRISC) are nice to have.
• Prior work experience within Risk Management for FI or Banking is an asset
• Post-secondary education in Computer Science or in a related field.
Candidate Review & Selection Process:
• Interview with 2 senior managers and Director – Virtual- Camera ON!