Security Risk Analyst

Our leading retail client is looking for a Security Risk Analyst to join their e-commerce team on a contract basis. This will be an 8 month contract in a hybrid model at the Mississauga head office.

The Security Risk Analyst plays a crucial role in supporting the audit process by performing IT audits and assessments in accordance with industry best practices (SOX, NIST, PIPEDA, COBIT, ISO, etc). The ideal candidate possesses a strong understanding of broader cybersecurity concepts, technology risk assessment, cloud security, and can provide detailed responses to client inquiries.

Key responsibilities:

• Partnering with our Global Audit teams to perform IT audits and assessments.
• Enforcement of our governance model and processes
• Identify and assist in providing recommendations and guidance in remediating security gaps and vulnerabilities in the IT environment.
• Collaborate with internal and external teams to support security audit initiatives and projects.
• Prepare and maintain evidence and documentation for various audits and certifications.
• Evaluate and analyze information/data from multiple sources to reconcile conflicts, decompose high-level information into details, and make data-driven strategic recommendations.
• Providing awareness and training on the organization's audit, governance and risk processes.

Minimum Qualifications

• 3+ years in an audit role
• Subject matter expertise in conducting security risk assessments and evidence collection.
• Understanding of control and risk management concepts and knowledge of the operational aspects of the information risk business
• Understanding of respective industry best practices (e.g., SOX, PIPEDA, NIST, ISO, COBIT, OWASP, ITIL, DSS 4.x)
• Knowledge of risk management policies, methods, standards, processes, governance models, and industry-standard risk analysis approaches
• Demonstrates agility and possesses the capability to thrive in a dynamic, high-speed setting characterized by evolving priorities and conflicting deadlines.
• Strong written and verbal communication skills with the ability to effectively communicate with all levels including senior management.
• Get-it-done attitude with an ability to effectively follow-through and anticipate next steps with all ongoing initiatives.
• Ability to foster and build relationships, engage, and influence others, work with diverse subject matter experts.
• Flexible and adaptable when dealing with change, with a strong awareness and understanding of cultural diversity.
• Proficient in Microsoft Office Suite of products including MS Word, PowerPoint, MS Project, and MS Visio.
• Excellent presentation and facilitation skills.
• Understanding of complex/matrix organization.
• Expertise in working within a global organization.

Nice to have

• CISM, CISA, CISP, CISSP, CRISC
• Retail experience

If this role aligns with your skill and expertise, we invite you to apply today!

For quick consideration, apply directly to Altis Job 14978 via

https://jobportal.altis.com/ad?b=altisprofessional&jobid=14978