Security Risk Analyst

Security Risk Analyst II (Contract Position)Number of Positions: 1 Filled: 0 Duration: 8 months, possible extensionLocation: Mississauga, ON, CAMust be eligible to work in CanadaHybrid position, 2 days Tue & Thu/week onsite in Mississauga ONRoles and responsibilities:The Security Risk Analyst plays a crucial role in supporting the client's audit process by performing IT audits and assessments in accordance with industry best practices (SOX, NIST, PIPEDA, COBIT, ISO, etc.).The ideal candidate possesses a strong understanding of broader cybersecurity concepts, technology risk assessment, cloud security, and can provide detailed responses to client inquiries.Key responsibilities:•Partnering with our Global Audit teams to perform IT audits and assessments.•Enforcement of our governance model and processes•Identify and assist in providing recommendations and guidance in remediating security gaps and vulnerabilities in the IT environment.•Collaborate with internal and external teams to support security audit initiatives and projects.•Prepare and maintain evidence and documentation for various audits and certifications.•Evaluate and analyze information/data from multiple sources to reconcile conflicts, decompose high-level information into details, and make data-driven strategic recommendations.•Providing awareness and training on the client's audit, governance and risk processes.Must have skills and qualifications•3+ years in an audit role•Subject matter expertise in conducting security risk assessments and evidence collection.•Understanding of control and risk management concepts and knowledge of the operational aspects of the information risk business•Understanding of respective industry best practices (e.g., SOX, PIPEDA, NIST, ISO, COBIT, OWASP, ITIL, DSS 4.x)•Knowledge of risk management policies, methods, standards, processes, governance models, and industry-standard risk analysis approaches•Demonstrates agility and possesses the capability to thrive in a dynamic, high-speed setting characterized by evolving priorities and conflicting deadlines.•Strong written and verbal communication skills with the ability to effectively communicate with all levels including senior management.•Get-it-done attitude with an ability to effectively follow-through and anticipate next steps with all ongoing initiatives.•Ability to foster and build relationships, engage, and influence others, work with diverse subject matter experts.•Flexible and adaptable when dealing with change, with a strong awareness and understanding of cultural diversity.•Proficient in Microsoft Office Suite of products including MS Word, PowerPoint, MS Project, and MS Visio.•Excellent presentation and facilitation skills.•Understanding of complex/matrix organization.•Expertise in working within a global organization.Nice to have•CISM, CISA, CISP, CISSP, CRISC•Retail experience, Retail,IT Services and IT Consulting