Int. Business Analyst to support the Cyber SME Training & Awareness program and Cybersecurity Services.

Job Type: Contract
Positions to fill: 1
Start Date: Jun 06, 2022
Job End Date: Jun 30, 2023
Pay Rate: Hourly: Negotiable
Job ID: 119176
Location: Calgary, Edmonton, Halifax, Montreal, Ottawa, Regina, Toronto, Vancouver, Victoria, Winnipeg
Our valued client in the financial sector is seeking an Int. Business Analyst for an initial 12-months contract (100% Remote)

The Cyber & Information Security service provider will support the Cyber SME Training & Awareness program and Cybersecurity Services (EIS team), contributing to the planning, execution, monitoring, reporting operational and change initiatives under the Training & Awareness work stream.

  • Plan, execute and report on phishing campaigns (monthly frequency). We currently leverage Knowbe4 platform to support our phishing simulations and will introduce Microsoft solution to complement the monthly campaigns.
  • Address inquires and triage all suspicious emails coming to our Phishing inbox (daily).
  • Research/plan and deliver content for Cyber Tips (weekly) – awareness content that is part of executive cascade to all resources.
  • Research/plan and deliver content for cyber awareness campaigns, special training sessions; for example, prepare script (story board) and record short video series (2-3 min duration), monthly voice over reports with phishing results, cyber onboarding material, tailor existing cyber content to support specific stakeholder engagement.
  • Update training and awareness/phishing metrics (monthly), maintain ADO board (tool we use as part of the agile methodology), team process documents, including maintaining the content on the public library on our cybersecurity team site - content for Training & Awareness (weekly).
  • Maintain phishing tools used – perform admin role for KnowBe4 and for the Microsoft Attack Simulator.
  • Plan/organize and support the execution of cyber awareness events (quarterly basis).
  • Act as back-up for phishing investigation/triage in Defender dashboard (manage/triage items reported direct from outlook/report message feature, as back up for SOC resource).
  • Maintain operational processes, and SharePoint site (internal and external portal).
  • Support the planning and execution of continuous improvements, leading introduction of new processes and tools required to support cyber program (focus on change management & communication activities).
  • Lead and participate in troubleshooting sessions to find the root cause of issues and provide quick workarounds and timely resolutions within the defined SLAs. 
  • Plan, facilitate and document retrospectives/lessons learned that convey the results of events and/or exercises.
  • Support the collection, measurement, and analysis of key data related operations, cybersecurity metrics, KPIs and KRIs and do reporting that is timely, accurate, consistent, complete and relevant for providing comprehensive information for strategic cybersecurity management decisions.
  • Complete benchmark on security services, act as an advocate, sharing knowledge on cybersecurity industry leading frameworks (i.e., NIST-CSF).

Must have skills:
  • 5+ years experience as a Business Analyst
  • Experience with planning/tracking cyber change initiative and/or understand of Cyber hygiene.
  • Experience working in an Agile / Scrum environment
Nice to have skills:
  • Ability to influence stakeholders at all levels of the organization and manage cross-teams’ dependencies.
  • Expert knowledge on preparing and delivering presentations for business and executive level
  • Knowbe4 and/or Microsoft Attack Simulator phishing tools.
  • Knowledge of Cybersecurity industry leading frameworks (i.e., NIST-CSF), policies and privacy principles.
  • Hands on experience on Business process maps, requirements gathering and leading technology change