IT Security Analyst

Primary Job Title:
IT Security Analyst
Alternate / Related Job Titles:
Information Security Advisor
Cybersecurity Analyst
Security Risk Analyst
Cloud Security Analyst
IT Risk & Compliance Analyst
Location & Onsite Flexibility:
New York City, NY
Hybrid - Onsite at least 2x per weekContract Details
Position Type: Contract
Contract Duration: 6 Months (Possibility of Extension)
Start: As Soon As Possible
Pay Rate: $70 - $75/hr
Schedule: Monday-Friday, 8:30am-5:30pm (40 hours/week; possible overtime)Job OverviewThis role sits within a Security Advisory team responsible for delivering enterprise-wide security services, including system security posture assessments, secure-by-design initiatives, and guidance to business lines on best practices and adherence to bank information security standards. The role requires a strong understanding of U.S. regulatory requirements and close collaboration with multiple business and technology stakeholders.Reporting to the Senior Manager of Security Advisory (US Advisory), the IT Security Analyst / Information Security Advisor will provide strategic and technical guidance to ensure complex initiatives are designed, developed, and implemented securely while meeting regulatory and organizational requirements.Key Responsibilities

• Provide strategic security guidance and technical expertise to business lines, IT support teams, and control functions early in the solution design lifecycle.
• Conduct Threat Risk Assessments (TRAs) and security advisory reviews for applications and infrastructure across on-prem, cloud, hybrid, and SaaS environments.
• Perform risk management activities, ensuring controls meet bank standards while enabling business objectives.
• Provide quality assurance on Threat Modelling and TRAs, particularly for cloud initiatives.
• Design and recommend security architectures and solutions, applying industry best practices.
• Collaborate with cross-functional teams to implement secure architectures for systems, applications, and networks.
• Identify security vulnerabilities, weaknesses, and control gaps, recommending remediation strategies.
• Support application of the bank’s security standards across subsidiary technology environments.
• Provide oversight of line-of-business security posture and ensure detection and remediation tools are effectively applied.
• Conduct industry benchmarking and peer reviews to align controls with emerging threats and mitigation strategies.
• Act as an Information Security liaison to assigned U.S. business lines, supporting initiatives and stakeholder relationships.

Required Skills & Experience

• 5+ years of hands-on experience performing security assessments across platforms, networks, and complex applications.
• 3+ years of experience conducting Threat Risk Assessments for on-prem, cloud, hybrid, and SaaS environments.
• 2+ years of experience in security solution architecture, software development, or hands-on security implementations.
• 3+ years reviewing vulnerability reports, server hardening requirements, and validating security controls through evidence.
• Strong understanding of U.S. regulatory requirements and security practices.

Preferred / Nice-to-Have Skills

• Experience using ServiceNow.
• Working knowledge of cloud technologies and cloud security (AWS, Azure, or GCP).
• Security certifications such as CISSP, CISM, CCSP, or CRISC.
• Familiarity with industry frameworks and standards including NIST 800-53, ISO 27001/27002/27017/27018, PCI DSS, and CIS benchmarks.

Soft Skills

• Strong verbal, written, and presentation communication skills.
• Ability to create clear, concise security documentation and communicate complex concepts effectively.
• Proven stakeholder and relationship management capabilities.

EducationPost-secondary education in Computer Science or a related field.Ideal Candidate ProfileThe best candidates will have strong familiarity with security frameworks, solid cloud security knowledge, and demonstrated expertise in U.S. regulatory compliance within financial services environments.Benefit:
Medical, Vision, and Dental Insurance Plans
401k Retirement Fund

About the CompanyOur client is a leading Canadian bank offering a broad range of financial services and committed to innovation, employee development, and performance-based rewards. This role supports U.S. subsidiaries within a highly regulated financial environment.About GTTGTT is a minority-owned staffing firm and a subsidiary of Chenega Corporation, a Native American-owned company based in Alaska. We proudly support diverse and inclusive workplaces and partner with Fortune 500 organizations across banking, insurance, financial services, technology, life sciences, utilities, and retail throughout the U.S. and Canada.Job Number: 26-00648
 #gttjobs