Jr Security Analyst

Job Title: Jr Security Analyst
Location: Toronto, ON – Remote (anywhere in Canada).
Estimated Duration: 5 Months
Term: expected to run until July

Description
Our client is an industry leading firm that serves clients on a variety of specialized projects that help them to work smarter, grow faster and compete better.

Why join their contract workforce?
– Interesting work: Deliver work that matters to you. We provide the opportunity to get involved in highly technical, complex and interesting projects where you can leverage your specific skillset and expertise to add value.
– Enrich your skills: Access to best-in-class technology, market intelligence and resources to advance your unique technical skills and expertise. Work alongside diverse, passionate and highly skilled professionals working together to drive innovation.
– Flexible opportunities: Find projects that match when and where you want to work.

The opportunity:
Our client is looking for an individual to fulfil the role of a Junior Security Analyst on their DSG team. This is an exciting opportunity for an individual who has experience in conducting cyber security risk assessments and security by design for Business requirements and projects
The Junior Security Analyst will work with Business, Risk, Privacy and Technology teams to assess and analyze cyber security risks. The individual is expected to provide security recommendations in accordance with assessed threats and risks, while also taking into consideration required compliance and regulatory aspects of the Business. This individual is expected to document and track identified risks and recommendations through the Security Assessment report (SAR) & Quality Risk Management (QRM) and seek NITSO approvals where required.

What you will do:

• Act as a liaison with Business and Risk teams to gather information on Business projects and requirements. Review security in Business applications & services to ensure they meet security standards and compliance.
• Act as a subject matter expert in Cyber security related to Business requirements while ensuring prioritization of Business requirements.
• Develop and maintain security tracking for critical Business projects.
• Liaise with privacy and risk teams to align security assessments.
• Coordinate with Business and technology teams to ensure security requirements are documented as needed.

Your qualifications:

• 2+ years’ experience with secure design and project risk assessments for cloud and on-prem environments including SAAS solutions
• Excellent knowledge of information security standards/practices (e.g., CSA CCM, ISO, PCI DSS, NIST CSF, NIST 800:53 etc.), and aspects related to data security protection
• Previous security experience in a consultancy role collaborating with internal Technology, Project, and Business teams
• Bachelor’s or master’s degree in information technology, Computer Science, or a related work experience, or equivalent
• Working knowledge of AI systems and security controls applicable to AI solutions and technologies
• Experience in providing security recommendations by assessing and analyzing application security testing outcomes from Secure Code review, DAST & SAST
• Applied knowledge of methodologies to conduct threat-modeling exercises on new applications and services
• Ability to articulate risks and recommendations by way of formal documentation along with the ability to explain the risks to Leadership as needed

Nice to have:

• The ideal candidate will maintain one or more of the following certifications: CISSP, CRISC, ISSAP, CISM, CISA, CCSP