Information Security Analyst

Primary Job Title: Information Security AnalystAlternate / Related Job Titles:
Senior Information Security Analyst
Cyber Risk Assessment Lead
Third-Party Cyber Risk Analyst
IT Security Risk ConsultantLocation & Onsite Flexibility:
Toronto, ON — Hybrid (2 days onsite, moving to 4 days onsite)
Work Location: 160 Front Street West, Toronto, OntarioContract Details

• Position Type: Contract
• Contract Duration: 6 months
• Start: As Soon As Possible
• Pay Rate: C$60-70/hour
• Schedule: Monday-Friday, core business hours (37.5 hours/week)

About the ProjectThis role supports a large financial institution’s Global Security and Defence organization. The engagement focuses on third-party lifecycle management and cyber risk assessments, supporting multiple concurrent initiatives. The team operates in a collaborative, supportive environment with a strong emphasis on risk mitigation, compliance, and enterprise security maturity.This position is a backfill with strong potential for extension or conversion, based on performance and business needs.Position OverviewThe Info Security Analyst will lead and execute third-party cyber risk assessments for global suppliers. This role provides subject matter expertise in identifying cyber risks, assessing control effectiveness, and recommending remediation strategies to protect enterprise systems and data.The analyst will collaborate with internal and external stakeholders, contribute to enterprise-level security initiatives, and support the continuous improvement of third-party cyber risk management frameworks.Key Responsibilities

• Coordinate with risk stakeholders to initiate, scope, and plan third-party cyber risk assessments for new and existing suppliers.
• Lead or contribute to cyber risk assessments at the application, portfolio, or enterprise level.
• Communicate assessment results clearly to technical and non-technical stakeholders.
• Identify, validate, and track risk mitigation and remediation plans.
• Conduct assessments in alignment with internal standards, industry frameworks, and best practices.
• Guide partners on technology controls and information security policies, standards, and incidents.
• Contribute to the development and oversight of a global third-party cybersecurity management strategy.
• Adhere to internal policies, regulatory requirements, and technology control standards.
• Identify opportunities to improve internal processes and risk management practices.
• Influence behavior to foster a strong technology risk management culture across the organization.

Skills & QualificationsRequired Skills

• 10+ years of experience performing third-party cyber risk assessments
• Expert knowledge of IT security and risk disciplines
• Experience leading or contributing to large, complex security initiatives
• Ability to act as a senior subject matter expert for technology controls and information security

Preferred Skills

• CISSP or other information security certifications
• Prior banking or financial services experience

Additional Skills

• Strong written and verbal communication skills
• Proven stakeholder engagement and collaboration abilities
• Strong assessment planning, coordination, and execution skills

Candidate Profile

• Post-secondary education preferred
• Cybersecurity background required
• High integrity, consistency, and commitment (multiple short contracts or job hopping may be disqualifying)

Client DescriptionTop 10 bank in Canada and North America providing comprehensive retail, commercial, wealth management, and wholesale banking solutions.Job Number: 26-00046
#gttca