Cyber Security Risk Advisor
Job Summary:
We are looking for a Cyber Security Risk Analyst to join our growing Cyber Security team on a full-time permanent basis. In your new role, you will be required to perform all activities in the Ledcor risk assessment process which includes business risks assessments, security reviews of project conceptual designs, functional and non-functional cyber security requirements, Cloud/SaaS vendor risk assessments, across a wide range of technology platforms and external party cloud/SaaS
services.
As our Cyber Security Risk Analyst, you will have experience in conducting cyber security risk assessments and you will also be required to maintain the exception tracking process and maintain residual risks in the cyber security risk register while tracking remediation activities with key business and technical stakeholders.
Bring your extensive Cyber Security experience to this impactful role and join our True Blue team today! This role can be based anywhere in Canada and will be a home-based position with the understanding you may be required to attend office as business needs dictate.
Responsibilities:
- Responsible for executing the cyber security risk management processes including risk
- identification, analysis, and evaluation, across the enterprise, for projects as well as for risks
- resulting from non-compliance Ledcor cyber security standards
- You will conduct Cloud/SaaS vendor risks assessments as required, as well as other third-party
cyber security risk assessments - Assist in projects to identify applicable functional and non-functional security requirements, based
on the results of the business risk assessment - Perform/facilitate scoped & scheduled cyber security risk assessments of select application
systems/platforms, as determined in the cyber security strategic plan - Responsible for reviewing exception requests, identifying the associated risks, and recommending
the appropriate course of action - Responsible for tracking the results of cyber risk assessments in the cyber risk register, while
creating associated dashboard reports
Requirements:
5+ years of experience in security governance, risk, and compliance
- 5+ years of experience in security governance, risk, and compliance
- 5 years in performing risk assessments in similar industries
- Experience updating cyber risk register
- Experience liaising with internal and external stakeholders to track remediation activities to
mitigate cyber risk - Experienced in cyber security risk management, including GRC tools, risk management processes,
and risk assessments - Experienced with cyber security frameworks including NIST, ISO, CIS, and similar
- Strong cyber security technology skills and background
- Experienced in building supplier / vendor management programs from a cyber security perspective
- Experienced in the developing functional and non-functional security requirements for IT project
- Strong project management skills, managing cyber security and other related programs, ability to
work with little supervision - Experience working with multiple stakeholders in the organization
- Excellent collaboration and interpersonal skills
- Strong problem solving and analytical skills
- Excellent written and oral communication