Cyber Security Risk Analyst

NES Fircroft is a leading global technical recruitment company providing professional contract and permanent staff to a diverse worldwide client base within the oil & gas industry.

Job Title: Cybersecurity Risk Analyst

Location: Calgary, AB (Open to remote for the perfect candidate)

Length: Contracted to Dec 15, 2026

Rotation: Mon-Fri, 8 hours per day

Description:

The Cybersecurity Risk Analyst will support the Governance, Risk, Compliance & Resilience function by managing cybersecurity risk assessments and reporting activities across corporate IT, industrial control systems (ICS), and third-party environments. This role is responsible for identifying, assessing, and communicating cybersecurity risks and supporting compliance with established policies and standards.

Key Responsibilities

• Perform cybersecurity risk assessments using established frameworks and processes
• Facilitate business impact assessments to support risk evaluations
• Communicate cybersecurity risks to business owners and stakeholders
• Report on cybersecurity risks and manage risk lifecycle activities
• Support development, implementation, and automation of risk management tools and processes
• Identify and analyze business and technology risks
• Recommend appropriate risk mitigation controls
• Maintain accurate risk information within the cybersecurity risk register
• Conduct research on cybersecurity controls, standards, threats, and vulnerabilities
• Provide cybersecurity risk support to enterprise projects
• Collaborate with internal security, IT, and business teams
• Perform additional duties as required

Qualifications & Experience

Minimum Qualifications:

• Bachelor’s degree or technical diploma in Computer Science, Information Security, Computer Engineering, or related discipline
• 4+ years of experience in Cybersecurity, Risk Management, or related field
• Strong understanding of business processes, cybersecurity controls, and standards such as NIST CSF, NIST SP 800-53, and ISO/IEC 27001/27002

Preferred Qualifications:

• Understanding of network architectures (on-premise, cloud, hybrid)
• Familiarity with firewalls, routers, switches, VPNs, and network segmentation
• Experience managing cybersecurity risk within a large enterprise environment
• Knowledge of current IT security trends, risks, and solutions
• Relevant certifications (e.g., CISA)
• ICS/SCADA experience
• Experience within the energy industry
• Strong communication skills with ability to present to technical and non-technical audiences
• Strong analytical and problem-solving skills
• Ability to manage competing priorities and deliver results

Apply here or send your resume to [email protected]