Security Risk Analyst
Brainhunter
Ontario, Ottawa
$88.5K-$110.6K a year (estimated)
Full-time
Security Risk Analyst - #61207
About the Job :
Mindwire is currently seeking a Security Risk Analyst to work for our valued Crown Corporation Client.
The position is located in Ottawa, Ontario and requires 8 days a month on site.
Responsibilities :
- Assist in the ongoing evolution of a metrics management and reporting framework for the Cyber Security Division, including evolving and maturing KPIs and KRIs for Cyber Security Risk Management.
- Ensure that cyber metrics and reporting framework aligns with the enterprise risk management framework in place.
- Facilitate workshops with technical and non-technical stakeholders to document functional and non-functional requirements as they relate to cyber risk management metrics and reporting.
- Assist with the development and implementation of a Cyber risk governance framework to enable risk base decision making.
- Leverage reporting dashboards, KRIs and KPIs to prepare reports for senior leaders through consultation with senior cyber stakeholders.
- Assess and provide recommendations on technical or non-technical solutions to support the ongoing operation of a metrics management and reporting framework for Cyber Security Risk Management.
- Assess and provide recommendations on cyber hygiene metrics and reporting.
- Ensure that the chosen risk initiatives are closely aligned with the Bank’s cyber security strategy, mission and vision.
Requirements and Qualifications :
- University degree or college diploma in computer science, information technology, cyber security or risk
- management
- A minimum of seven (7) years of demonstrated experience in a risk or cyber risk management role
- A minimum of three (3) years of demonstrated experience managing small to large projects, both business and IT related
- Demonstrated experience developing Key Performance Indicators and Key Risk Indicators for cyber security
- risk management
- Demonstrated experience creating dashboards and reports for performance reporting metrics for various audiences
- Demonstrated knowledge of Enterprise Risk Management
- Demonstrated knowledge of business process model and notation standards
- Demonstrated experience in facilitating workshops with technical and non-technical resources to document functional and non-functional requirements and processes
30+ days ago