Security analyst • toronto on
By collaborating with multi-disciplinary teams, cross-functional departments, stakeholders, and vendors, this role is responsible for implementing and measuring various aspects of corporate cyber r...Show more
As a Security Concierge, you’ll be responsible for assisting residents by providing information and services as needed.This role requires someone that is self-motivated, outgoing, detail-oriented a...Show more
We are seeking a highly credentialed Sr.Cybersecurity Analyst for a 24-month engagement in Toronto.This role is focused on the Governance, Risk, and Compliance (GRC) aspects of both Information Tec...Show more
At Alstom, we understand transport networks and what moves people.From high-speed trains, metros, monorails, and trams, to turnkey systems, services, infrastructure, signalling and digital mobility...Show more
As an Information Security Specialist, you will play a critical role in detecting, investigating, and responding to cyber threats targeting TD.You will work within the Cyber Security Incident Respo...Show more
BUILD YOUR CAREER AT BLACK & MCDONALD.Black & McDonald is an integrated, multitrade service provider that safely delivers high quality construction, facilities management, and technical solutions.W...Show more
At Aviso, we are dedicated to improving the financial well-being of Canadians.As a leading wealth management organization, we are committed to leadership, innovation, partnership, responsibility, a...Show more
Senior Analyst, Data Security, Consumer-Driven Banking.The Bank of Canada has a vision to be a leading central bank—dynamic, engaged and trusted—committed to a better Canada.No other employer in th...Show more
Are you looking to join one of Greater Toronto’s Top 2026 Employers ?.The Ontario Medical Association (OMA) advocates for and supports doctors, seeking to strengthen their leadership role in caring...Show more
Lead Technical Security Analyst.RBC & its subsidiaries within the Identity & Access Management team, with a focus on passwordless authentication ( Secret Double Octopus), RSA Token, and Microsoft E...Show more
BMO is an organization driven by a shared Purpose: Boldly Grow the Good in business and life.It calls on members of its team, to create lasting, positive change for its customers, its communities, ...Show more
Join a purpose driven winning team, committed to results, in an inclusive and high-performing culture.Contributes to the successful delivery and operational support of the Cloud, ensuring specific ...Show more
Hybrid- 2 days in office 9am-5pm .Clear understanding of the Three Lines of Defence model and its application within risk and control frameworks.ServiceNow Vulnerability Response / Configuration Co...Show more
AFIMAC is seeking licensed Security Guards for upcoming projects throughout the province of Ontario.Please note this is a temporary contract position, so it may not be suitable to someone currently...Show more
Lead Technical Security Analyst.RBC & its subsidiaries within the Identity & Access Management team, with a focus on passwordless authentication ( Secret Double Octopus), RSA Token, and Microsoft E...Show more
Founded in Montreal in 1846, Laurentian Bank is committed to serving its customers and fostering deep relationships with specialized groups.Laurentian Bank runs operations across Canada – primarily...Show more
Paladin Security is Hiring a Security Guard Healthcare!.Various 8 to 12-hour shifts (Rotating, Continental).This is a great opportunity for candidates looking to build a long-term career in a fast-...Show more
Each Security Personnel is responsible for providing all occupants of the CN Tower with the highest standards of life safety and security, service excellence, attraction quality, location cleanline...Show more
The Core Responsibilities!
By collaborating with multi-disciplinary teams, cross-functional departments, stakeholders, and vendors, this role is responsible for implementing and measuring various aspects of corporate cyber risk and compliance matters. The role will support project teams and work towards ensuring that the organization is meeting the necessary regulatory requirements.
Maintaining and updating the cyber risk register to ensure it accurately reflects the current risk profile of the organization.
Collaborating with stakeholders across the organization to identify and assess potential risks and control measures, and documenting these in the risk register.
Regularly reviewing risk ratings and mitigation strategies in the risk register to ensure they remain relevant and effective.
Monitoring and reporting on cyber risk management activities including trends and remediation progress to management and other stakeholders.
Identifying opportunities to improve risk management processes and the use of the risk register and working with relevant stakeholders to implement these improvements.
Staying up to date with industry trends and best practices in cyber risk management.
Ensuring the alignment between the risk register and the company’s overall cyber risk strategy.
Providing training and support to other employees on risk management processes and the use of the risk register.
Conducting cyber-risk assessments of third-party vendors, including gathering data, performing analysis and providing recommendations.
Reviewing and analyzing vendor security policies, procedures and controls to ensure compliance with regulatory requirements and industry standards.
Developing risk assessment reports and other documentation for third-party vendors, including risk ratings, mitigation plans, and recommended actions.
Collaborating with stakeholders to ensure that third-party vendor risk assessments are conducted in a timely and effective manner.
Assist with the preparation and execution of audit, red team, and tabletop exercises by efficiently collecting and organizing relevant information, and effectively communicating findings and recommendations to key stakeholders.
Provide cyber security governance and cyber risk management expertise and guidance to project teams and other stakeholders.
Fostering a risk-aware culture throughout the organization, where cyber risk is integrated into all operational processes.
Let's Talk About You!
Bachelor’s degree in computer science, Information Security, or a related field.
At least 3 years of experience in cyber security governance and risk management (or related 2nd or 3rd line-of-defense).
Strong understanding of cyber security risk management methodologies and frameworks.
Knowledge of industry regulations such as NIST, OSFI B-13 and OSFI B-10.
Strong analytical and problem-solving skills.
Excellent communication and interpersonal skills.
Maintain or working towards a CRISC, ISO27001 Lead implementer/Lead Auditor, CISA or CISM certification or similar is required.
){kind=logo}
