Security Risk Consultant

78440
Markham, Ontario
Contract
4 weeks ago

Position Title: Security Risk Consultant
Accountabilities:
1. Risk Assessment – 45%
• Provides expertise on the impact to the current state and recommends future-state security
processes for new or updated information systems.
• Audits and assesses risks to recommend secure designs.
• Provide Security Advisory & Consultation services for product/service acquisition, solution design,
implementation and management of major IT systems, projects, initiatives, M&A, new product
development.
• Perform thorough and timely threat risk assessment (TRA) on applications, systems, processes and
solution integrations, including cloud-based solutions and vendor services.
2. Security Controls design – 35%
• Leads the design, engineer and implementation of new security controls, solutions/technologies.
• Review current security system security measures, recommend and implement enhancements.
• Perform security technology evaluations and proof of concepts for service improvements, in-flight projects
and emerging technologies.
• Investigate, design & architect specific cybersecurity controls as they are identified and required.
3. People management – 20%
• Lead one or more teams of cyber professionals to meet the organization’s expectations for productivity,
quality, continuous improvement, and goal accomplishment.
• Plan and allocate resources to effectively staff and accomplish the work to meet departmental productivity
and quality goals.
Qualifications:
• Bachelor’s Degree in Computer Science/ Computer Engineering or equivalent experience.
• Requires 10+ years of related experience in Information Systems Security design and
development.
• Security certification of one or more of the following: CISSP, CRISC, CCSP, CISM, CISA, or
equivalent.
• Data security risk management and mitigation processes and governance frameworks (e.g. ISO
27001/2, NIST, COBIT, etc.).
• IT governance, risk, and compliance (GRC) principles, standards, and best practices (e.g. risk
management, governance, information security controls, etc.).
• Threat and attack landscape, vectors, vulnerabilities, and how they are leveraged by malicious
actors.
• Continous integration/deployment (CI/CD) practices.
• Incident response processes to investigate and respond to security incidents.
• Cross-functional applications and interdependencies for a variety of technical platforms and
solutions, including network concepts and protocols.
• Systems Development Life Cycle (SDLC) and Agile methodology and principles.
• End-to-End project coordination and collaboration.
• Code versioning tools (e.g. GIT).
• Data visualization tools to prepare flow charts, models, and other documentation used in
leadership decision-making (e.g. Visio).
• Trouble ticketing tools.
• Interpersonal, oral, and written communication skills.
• Analytical, critical thinking, and problem-solving skills.

 

The pay range that the employer reasonably expects to pay for this position is between and

Our voluntary benefits offering includes medical, dental, vision and retirement benefits.

Applications will be accepted on an ongoing basis.

Tundra Technical Solutions would like to thank you for the interest you have demonstrated in this opportunity. However, only candidates with the required skills will be contacted.

Tundra Technical Solutions is an Equal Opportunity/Affirmative Action Employer. We welcome and encourage diversity in our workplace.

Not interested in this position, but know somebody who might be? Check out our Referral Reward Program, referrals are a big secret behind our success. As always, we’re on the lookout for great people. And we know that you know great people!

Tundra Technical Solutions is among North America’s leading providers of Information Technology and Engineering staffing and consulting services. Our success and our clients’ success are built on a foundation of service excellence. Rather than continually trying to sell to new clients and companies and simply filling databases with candidates, we focus on developing stronger relationships and deeper knowledge of our existing clients’ challenges and opportunities.

Open ears. Open minds. Open futures