Intermediate Cyber Security Analyst to assess, implement and administer enterprise security controls for one of our major banking clients- 29021

Intermediate Cyber Security Analyst to assess, implement and administer enterprise security controls for one of our major banking clients- 29021

Location Address: Hybrid (2 day/week) - Scarborough
Contract Duration: Until May 31st 2023 (high possibility of extension)
Scheduled Hours: 37.5 Hours Per Week

Story Behind the Need:

• Business Group: Bank’s Cyber Security Operations (CSO) team is responsible for protecting the Bank and responding to cyber threats and events. The Cyber Automation & Defense group within CSO is responsible for assessing, implementing, and administering enterprise security controls to safeguard bank’s informational assets and reduce security risk posture.

Typical Day in Role:

• Reporting to the Senior Manager, Cyber Technology Assessment & Effectiveness, the Senior IS Controls Specialist will work as part of Cyber Automation & Defense (CAD) team
• Analyze security exposures and identify the remedial and compensating factors in the organization’s network.
• Advise on appropriate implementation of compensating controls including priority and success criteria.
• Work with other technology and security teams to implement controls needed to close exposures.

Must-Have skills:

• 5+ years of technical working experience as a Cyber Security Analyst 
• 5+ years of technical working experience with security controls/mechanisms (or equivalent knowledge)
•  You have used industry leading productivity tools to produce quantitative/qualitative reports, data flow diagrams & visual presentations
•  You have understanding of and can apply framework methodology for pattern and behavior-based content development (MITRE ATT&CK, Pyramid of Pain)
• You have built custom reporting of mitigation status against threats
• You have experience involving red team (Vulnerability Assessments, Web app assessments), consulting (Compliance, policy creation), SOC and Device Management

Nice-To-Have Skills:

• Spanish speaking is an asset
• Previous exposure to the banking industry/financial services
• Certifications (CISSP, CISM, CCSP, CRISC)
• You have built a security program to defend against APT
• You have sized, deployed, maintained, and hardened SIEM and NGFW solutions

Education/Experience:

• Post-secondary degree in a technical field such as computer science, computer engineering or related IT field required

Candidate Review & Selection

• 1st round interview – Hiring Manager & 2 Team Members (45 minutes)
• 2nd round interview – Global Head & 1 Team Member (45 minutes)