Senior Security Risk Analyst to develop cyber security risk management KPIs & KRIs for a crown corporation client

Job Type: Contract
Positions to fill: 1
Start Date: Nov 01, 2023
Job End Date: Nov 01, 2026
Pay Rate: Hourly: Negotiable
Job ID: 131752
Location: Montreal, Ottawa, Toronto
Our valued crown corporation client is seeking a Senior Security Risk Analyst to develop Key Performance Indicators and Key Risk Indicators for cyber security risk management

Long term (3-year) contract in Ottawa, ON. 100% remote options will be considered however local candidates with the ability to work on-site twice a week in downtown Ottawa, ON will be heavily prioritized. 7.5 hours/day, Monday to Friday. 

  • Assess and provide recommendations on technical/non-technical solutions to support the ongoing operation of a metrics management and reporting framework for Cyber Security Risk Management
  • Support the ongoing evolution of a metrics management and reporting framework for the organization's Cyber Security Division, including maturing and adding new KPIs and KRIs for Cyber Security Risk Management
  • Continually ensure cyber metrics and cyber reporting framework are aligned with the enterprise risk management framework in place
  • Assist with the development and implementation of a Cyber risk governance framework to enable risk base decision making
  • Leverage reporting dashboards, KRIs and KPIs to prepare reports for senior leaders through consultation with senior cyber stakeholders
  • Facilitate workshops with technical and non-technical stakeholders to document functional and non-functional requirements as they relate to cyber risk management metrics and reporting
  • Assess and provide recommendations on cyber hygiene metrics and reporting
Must-Have Skills:
  • 7+ years of demonstrated experience in a operational risk management or cyber risk management role
  • Demonstrated experience developing KPIs and KRIs for cyber security risk management
  • Demonstrated experience with data visualization/business intelligence tools; creating dashboards and reports for performance reporting metrics for various audiences
  • Demonstrated knowledge of Enterprise Risk Management
  • Demonstrated knowledge of business process model and notation standards
  • 3+ years of demonstrated experience managing small to large projects, both business and IT related