Enable job alerts via email!
IT Security Risk Analyst
Onico Solutions
Richmond Hill
Remote
CAD 80,000 - 100,000
Full time
Job summary
A leading IT security firm in Richmond Hill is looking for an IT Security Risk Analyst to support their Information Security Risk Management programs. The role requires expertise in risk assessments and strong knowledge of security technologies. Responsibilities include identifying risks, recommending mitigation strategies, and collaborating with stakeholders. This is a permanent position with remote work until deemed safe.
Qualifications
- 3+ years of experience with IT Security Risk Management/Risk Assessments.
- 3+ year of experience with IT Security policies, standards, procedures and guidelines.
- Strong knowledge of Information Security controls for various platforms.
Responsibilities
- Identify, assess and monitor Information Security risks.
- Recommend controls to reduce inherited risk.
- Support security audits and remediation of identified gaps.
The IT Security Risk Analyst supports the Information Security Risk Management and Governance programs. They work with technology and business stakeholders to identify Information Security risks, conduct risk assessments, recommend risks mitigation strategies, and monitor identified risks throughout its lifecycle. They also update and monitor Key Performance Indicators (KPI’s), Key Risk Indicators (KRI’s), Service Level Agreements (SLA’s), and other documentation related to the Information Security program. They contribute to the creation of management reporting to convey the status of Information Security risks and governance metrics across the organization.
This role requires an experienced subject matter expert who has in-depth understanding of Information Security controls across a broad range of technologies and platforms.
- Identification, assessment and monitoring of Information Security risks.
- Recommendation of compensating controls to reduce inherited risk to an acceptable level.
- Development and maintenance of Information Security risk and governance KPI’s, KRI’s, and SLA’s.
- Support for security audits, prioritization and remediation of identified gaps.
- Creation and maintenance of Information Security policies and other risk and governance documentation
- Implementation and operation of risk and governance technology tools and processes
- Collaboration with different stakeholders to manage Information Security risks in a timely matter
- 3+ years of experience with IT Security Risk Management/Risk Assessments
- 3+ year of experience with IT Security policies, standards, procedures and guidelines
- Experience working with and managing external vendors
- Strong knowledge of Information Security controls for Mobile, IoT, Cloud, Applications, Network and System infrastructure
- Excellent knowledge of security technologies which are commonly used in enterprises to protect information systems, both on premise and in the Cloud. Hands-on design, implementation and management of variety security technologies are strong assets.
- Working knowledge of Information Security and Risk Management frameworks like ISO27001, ISO27005 and NIST CSF and NIST 800-30
- Understanding of legal and regulatory compliance standards and requirements like PCI-DSS and PIPEDA
- CISSP, CISA, CRISC and other security certifications are a strong asset.
This is a permanent position located in Toronto (work from home until deemed safe).
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
job faster
Follow us
