Job Description :Our Client is looking for  Cybersecurity Risk Analyst for a 6-months contract to work remotely.

Must Have Primary Skills :

• Minimum of 5 years progressive experience in IT risk, Cybersecurity risk management, IT Audit or information security risk management, with an emphasis on cybersecurity technology implementation projects or related technology implementations. 
• Position requires a 4-year degree in computer science, management or engineering, recognized in Canada. An equivalent combination of education and experience will be considered.
• CRISC, CISM, and/or CISSP Certification is an advantage.
• For those not meeting the minimum education, additional work-related experience will be deemed equivalent.
• Pro-active in continued professional and personal skill development is mandatory.
• Excellent contract management skills. Experience working with a Managed Security Services Provider is an advantage.· Understanding of cybersecurity risk management and risk mitigation strategies.
• Ability to communicate project and technology risks effectively.· Strong negotiation skills to negotiate resources, changes, issues, budgets, and timelines.· Passionate about customer service excellence.
• Multi-tasking ability - must be comfortable with simultaneously managing multiple projects.
• Excellent interpersonal, leadership, motivational, organizational, and planning skills.·
• Resourceful, creative and self-motivated.
• Strong problem-solving skills, including the ability to take a practical approach to dealing with shifting priorities, demands and timelines.
• Highly self-motivated, self-directed, and attentive to detail.·
• Understanding of systems development methodology and direct experience with all aspects of systems analysis, design, testing, and implementation.
• Excellent communication and interpersonal skills are required. These skills must include strong oral and written communication skills, as well as a high degree of tact, diplomacy, and persuasiveness.
• Ability to effectively prioritize and execute tasks in a high-pressure environment.
• Extensive experience working in a team-oriented, collaborative environment.
• Working knowledge of a broad range of standards and frameworks: International Standards Organization(ISO) 27001, IT Infrastructure Library and ISO 20000, Capability Maturity Model Integration and Six Sigma
• Excellent knowledge of common risk management methodologies –ISO, NIST, CoBIT, COSO, etc.
• Understanding of client's strategic business risks

Nice To Have Secondary Skills :
Excellent verbal and written communication skills

Proven Experience In :
Works with IT teams, reviews operational and project activities (plans, designs, testing, reporting, etc.) providing a risk profile, and recommending appropriate remediation measures to minimize cybersecurity risks
Works with compliance teams to continually monitor compliance drifts, providing risk assessments and consequences of new risk profiles, and advises applicable managers to take effective remediation steps 
Manages the Vulnerability Management Program (review, analyze, and report on outcomes of penetration tests and vulnerability assessments with a view to creating a digital security/cybersecurity risk posture of client) with client's Managed Security Services partner · Follows up with applicable Risk Owners to ensure vulnerability findings are mitigated 
Works with Enterprise Risk Management to ensure digital security/cybersecurity risks do not exceed clients risk appetite, or operate out of risk tolerance bands

send resume to sgerard@finney-taylor.com
IND1