Cyber Security Risk Analyst

Grade Level (for internal use): 10

S & P Dow Jones Indices

Role: Cyber Security Engineer

Team: Are you passionate about cyber security? Do you enjoy solving complex problems and collaborating with diverse teams? The Cyber Security Risk Analyst will support and help coordinate activities across the department to drive process improvement. The Cyber Security Risk Analyst will join a team responsible for safeguarding the sensitive financial data and systems of the organization. Our team typically operates in a dynamic environment and values the ability to adapt to evolving cyber threats while maintaining the confidentiality, integrity, and availability of our critical financial assets.

As the embedded Cyber Security Risk Analyst, you will participate in tasks and projects from inception to completion, build relationships with IT and Business partners, recommend process solutions and approaches that tackle challenging cyber problems and minimize risk for the business.

Enhance your complex problem‑solving skills by collaborating with diverse IT teams. The Cyber Security Risk Analyst will support and help coordinate activities across the department to drive process improvement. Strengthen your Cloud compute skills by working in an Agile and Cloud environment.

• Escalate, manage, and report on divisional cyber security risk
• Prioritize the mitigation of identified vulnerabilities within the business division. Work with the various platform teams to resolve vulnerabilities, resolve false positives with the team and/or vendor to remain or bring platforms in compliance with the organizations policies and standards
• Collaborate with internal and external stakeholders to ensure compliance with regulatory requirements
• Assists in the review of standards, policies, and procedures and performs rationalization per compliance guidelines. Supports the development and maintenance of system level documentation
• Assists in the performance of application risk assessments. Internal Audit and Client requests for information
• Influence and manage the onboarding of developers for secure code training to augment the enterprise security awareness training
• Serve as the divisional security champion for developers

• Bachelor's or Master’s degree in Computer Science, Information Systems or similar fields
• 5+ years’ experience in Information Security, Audit or Compliance
• Experience with Vulnerability Patch Management
• Experience with Application Security
• Experience in Offensive or Defensive Security techniques
• Exposure with Software Security Architecture, System Design and Analysis Skills
• Experience with ISO 27001, NIST SP 800-53, or other relevant standards (preferred)
• Financial services industry experience
• Certification in CISSP, CISM, CRISC, CISA, or equivalent
• Project management skills
• Excellent communication, analytical, and problem-solving skills

Toronto, Canada (Hybrid – 2 days onsite)

• Health & Wellness: Health care coverage designed for the mind and body.
• Flexible Downtime: Generous time off helps keep you energized for your time on.
• Continuous Learning: Access a wealth of resources to grow your career and learn valuable new skills.
• Invest in Your Future: Secure your financial future through competitive pay, retirement planning, a continuing education program with a company‑matched student loan contribution, and financial wellness programs.
• Family Friendly Perks: It’s not just about you. S & P Global has perks for your partners and little ones, too, with some best‑in‑class benefits for families.
• Beyond the Basics: From retail discounts to referral incentive awards—small perks can make a big difference.

S & P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law. Only electronic job submissions will be considered for employment.

If you need an accommodation during the application process due to a disability, please send an email to EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person.

US Candidates Only: The EEO is the Law Poster describes discrimination protections under federal law. Pay Transparency Nondiscrimination Provision – https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf

IFTECH103.1 - Middle Management Tier I (EEO Job Group)

Job ID: 321715

Posted On: 2025-11-05

Location: Toronto, Ontario, Canada