Senior Security Risk Analyst to develop cyber security risk management KPIs & KRIs for a crown corporation client
Job Type: Contract
Positions to fill: 1
Start Date: Nov 01, 2023
Job End Date: Nov 01, 2026
Pay Rate: Hourly: Negotiable
Job ID: 131752
Location: Montreal, Ottawa, Toronto
Our valued crown corporation client is seeking a Senior Security Risk Analyst to develop Key Performance Indicators and Key Risk Indicators for cyber security risk management
Long term (3-year) contract in Ottawa, ON. 100% remote options will be considered however local candidates with the ability to work on-site twice a week in downtown Ottawa, ON will be heavily prioritized. 7.5 hours/day, Monday to Friday.
Responsibilities:
Long term (3-year) contract in Ottawa, ON. 100% remote options will be considered however local candidates with the ability to work on-site twice a week in downtown Ottawa, ON will be heavily prioritized. 7.5 hours/day, Monday to Friday.
Responsibilities:
- Assess and provide recommendations on technical/non-technical solutions to support the ongoing operation of a metrics management and reporting framework for Cyber Security Risk Management
- Support the ongoing evolution of a metrics management and reporting framework for the organization's Cyber Security Division, including maturing and adding new KPIs and KRIs for Cyber Security Risk Management
- Continually ensure cyber metrics and cyber reporting framework are aligned with the enterprise risk management framework in place
- Assist with the development and implementation of a Cyber risk governance framework to enable risk base decision making
- Leverage reporting dashboards, KRIs and KPIs to prepare reports for senior leaders through consultation with senior cyber stakeholders
- Facilitate workshops with technical and non-technical stakeholders to document functional and non-functional requirements as they relate to cyber risk management metrics and reporting
- Assess and provide recommendations on cyber hygiene metrics and reporting
- 7+ years of demonstrated experience in a operational risk management or cyber risk management role
- Demonstrated experience developing KPIs and KRIs for cyber security risk management
- Demonstrated experience with data visualization/business intelligence tools; creating dashboards and reports for performance reporting metrics for various audiences
- Demonstrated knowledge of Enterprise Risk Management
- Demonstrated knowledge of business process model and notation standards
- 3+ years of demonstrated experience managing small to large projects, both business and IT related