Intermediate Cyber Security Analyst to assess, implement and administer enterprise security controls for one of our major banking clients- 29021
Job Type: Contract
Positions to fill: 1
Start Date: Feb 01, 2023
Job End Date: May 31, 2023
Pay Rate: Hourly: Negotiable
Job ID: 126924
Location: Toronto
Intermediate Cyber Security Analyst to assess, implement and administer enterprise security controls for one of our major banking clients- 29021
Location Address: Hybrid (2 day/week) - Scarborough
Contract Duration: Until May 31st 2023 (high possibility of extension)
Scheduled Hours: 37.5 Hours Per Week
Story Behind the Need:
Must-Have skills:
Nice-To-Have Skills:
Location Address: Hybrid (2 day/week) - Scarborough
Contract Duration: Until May 31st 2023 (high possibility of extension)
Scheduled Hours: 37.5 Hours Per Week
Story Behind the Need:
- Business Group: Bank’s Cyber Security Operations (CSO) team is responsible for protecting the Bank and responding to cyber threats and events. The Cyber Automation & Defense group within CSO is responsible for assessing, implementing, and administering enterprise security controls to safeguard bank’s informational assets and reduce security risk posture.
- Reporting to the Senior Manager, Cyber Technology Assessment & Effectiveness, the Senior IS Controls Specialist will work as part of Cyber Automation & Defense (CAD) team
- Analyze security exposures and identify the remedial and compensating factors in the organization’s network.
- Advise on appropriate implementation of compensating controls including priority and success criteria.
- Work with other technology and security teams to implement controls needed to close exposures.
Must-Have skills:
- 5+ years of technical working experience as a Cyber Security Analyst
- 5+ years of technical working experience with security controls/mechanisms (or equivalent knowledge)
- You have used industry leading productivity tools to produce quantitative/qualitative reports, data flow diagrams & visual presentations
- You have understanding of and can apply framework methodology for pattern and behavior-based content development (MITRE ATT&CK, Pyramid of Pain)
- You have built custom reporting of mitigation status against threats
- You have experience involving red team (Vulnerability Assessments, Web app assessments), consulting (Compliance, policy creation), SOC and Device Management
Nice-To-Have Skills:
- Spanish speaking is an asset
- Previous exposure to the banking industry/financial services
- Certifications (CISSP, CISM, CCSP, CRISC)
- You have built a security program to defend against APT
- You have sized, deployed, maintained, and hardened SIEM and NGFW solutions
- Post-secondary degree in a technical field such as computer science, computer engineering or related IT field required
- 1st round interview – Hiring Manager & 2 Team Members (45 minutes)
- 2nd round interview – Global Head & 1 Team Member (45 minutes)