Cyber Risk Analyst
Cyber Risk Analyst
Posted on :
07-08-2025
Employer Active
1 Vacancy
Job Alert
You will be updated with latest job alerts via emailValid email field required
Send jobs
Share
Send me jobs like this
Job Alert
You will be updated with latest job alerts via emailValid email field required
Send jobs
Monthly Salary
Not Disclosed
Salary Not Disclosed
Vacancy
1 Vacancy
Posted on :
07-08-2025
Job Description
Job description
Were looking for a talented Cyber Risk Analyst to grow our team. If your passion lies in understanding and navigating the complex landscape of cyber threats through a lens of advanced risk assessment and mitigation strategies we have an excellent opportunity for you.
As a key member of our team you will be actively involved in conducting risk privacy and cybersecurity assessments assisting our high-profile clients in identifying risks enhancing their security posture and developing robust strategies to mitigate potential cyber threats.
We believe in fostering a culture of continuous learning and professional development providing opportunities for you to expand your expertise in cybersecurity privacy and risk management. Together we will tackle challenging projects innovate solutions and achieve excellence in our field ensuring that as our team grows you do too.
Key Responsibilities:
Assist with conducting information security gap maturity and threat risk assessments (e.g. NIST CSF HITRUST CSF CIS CSC etc.).
Collect information security control evidence from third-party vendors to facilitate the process of conducting third-party risk assessments for our clients.
Assist with conducting in-depth analysis of business financial and IT systems alongside other data processing systems to identify technology and privacy risks and provide recommendations for improvements and risk treatment.
Assist with creating professional reports providing comprehensive insights into assessment findings detailed risk information and expert advice on remediation or risk reduction and treatment strategies.
Assist in the coordination and documentation of the IT risk control libraries for third-party and threat risk assessments.
Work collaboratively with the team to strategize engagements formulate project timelines and requirements conduct needs analysis and provide support for other project planning activities.
Maintain up-to-date knowledge of security threats industry trends GRC tools processes and technologies.
Travel to company offices and client locations across Canada.
Technical Skills:
Good understanding of risk management principles and frameworks such as the NIST RMF ISF ISO 27005 and their application to diverse technology environments. Additional experience in one or more of the following: SIG FAIR or STRIDE would be an asset.
Good understanding and hands-on experience in conducting cybersecurity maturity and risk assessments including the evaluation of security controls and vulnerabilities.
Familiarity with cloud service provider security frameworks and configuration best practices such as AWS Shared Responsibility Model Azure Security Benchmarks CSA CCM etc.
Familiarity with industry regulations and standards such as NIST SP 800-53 NIST CSF ISO 27001 HITRUST CSF CIS benchmarks and critical security controls.
Experience with various information security concepts including network and wireless security application security industry best practices systems hardening data encryption data privacy incident response physical security vulnerability scanning penetration testing file integrity monitoring log monitoring and documented security governance controls (i.e. policies processes standards procedures).
Good understanding of network systems configurations Unix Linux Windows and database server configurations.
Education and Work Experience:
Degree in Information Technology Information Systems Information Security or Risk Management (or equivalent work experience).
At least 2-3 years of professional experience in cybersecurity with a focus on risk assessment security controls and/or compliance.
Industry Certifications:
Willingness to obtain industry certifications (e.g. CTPRP CISSP CRISC CIPP HITRUST CCSFP etc.).
Industry certification in Information Security/Audit is an asset.
Soft Skills:
Exceptional customer service communication and interpersonal skills.
Strong written and verbal communication skills.
Strong organizational skills.
Strong time management skills.
Honesty and integrity.
Dedication to providing solutions to meet or exceed clients needs and expectations.
Ability to handle challenges and project workloads.
Benefits:
Company-paid medical and dental benefits and wellness benefits.
Company-paid continuing professional education and certification maintenance.
RRSP contribution.
4 weeks of paid vacation with 5 weeks of paid vacation after 5 years of service.
Company team-building events throughout each year.
Flexible remote work options.
Location:
You must be located within reasonable travelling distance of the Control Gap Headquarters in Mississauga Ontario Canada.
You must possess reliable transportation to travel to company offices and client work sites.
Employment Type:
Full-time
Required Experience:
IC
Employment Type
Full-Time
Key Skills
Report This Job
Disclaimer: Drjobpro.com is only a platform that connects job seekers and employers. Applicants are advised to conduct their own independent research into the credentials of the prospective employer.We always make certain that our clients do not endorse any request for money payments, thus we advise against sharing any personal or bank-related information with any third party. If you suspect fraud or malpractice, please contact us via contact us page.
