Job Title – Cybersecurity Risk Analyst

Period – 4 months

Location – Toronto, ON

Work mode : Hybrid – (3 days)

Summary:

This role will support the business and technology teams in complying with organizational and regulatory guidelines and best practices towards enhancing the resilience of critical operations and services. Activities will support the continuity of critical business operations.

The role will also participate in key projects and initiatives ensuring operational and information risk is always considered and managed, and will work with other teams including Information Security, Information Protection and Vendor Risk Management to provide comprehensive Information Risk Management to the company.

Job Responsibilities:

• Serve as a Group Functions Technology contact for information and cybersecurity requirements.
• Empower technology teams to identify and manage their information and cybersecurity risks effectively.
• Lead and participate in key projects and initiatives, ensuring that information and cybersecurity risk is consistently considered and handled.
• Support L2 and L3 reviews of risk program practices

Skills:

• Cybersecurity

• Security Monitoring

• Vulnerability Assessment

• Penetration Testing

• Threat Modeling

• Security Risk Assessment

• Risk Management

• Security Testing

Education/Experience:

• A bachelor's degree would be an added advantage with 5+ years of relevant experience.
• Professional certifications (CISSP, CSSLP, OSCP) or equivalent industry-recognized security certifications.
• Financial Services industry experience preferred.

Candidate Requirements

• Strong understanding of information security controls, vulnerability management, and risk management frameworks (NIST CSF, ISO 27001/27002).

• Proficiency in security tools such as SIEM, IDS/IPS, endpoint protection, and vulnerability scanning tools.

• Knowledge of cybersecurity principles, internal controls, and risk management tools.

• Proficiency in data visualization tools (Tableau, Power BI) and statistical data analysis.

• Hands on experience with tools such as JIRA, Confluence, and MS 365.

• Experience with cybersecurity assessment frameworks (PTES, OWASP, OSSTM) and penetration testing.

• Understanding of legal and regulatory requirements related to cybersecurity and IT governance.

• Excellent communication skills to effectively convey risk assessments and security recommendations.

• Knowledge of ticketing and tracking tools such as ServiceNow – Security Operations, GRC systems like Archer.

• Understanding of legal and regulatory requirements related to technology risk management Familiarity with cybersecurity governance frameworks and their implementation

• Knowledge of statistical data analysis and reporting toolsets

• In-depth knowledge of risk assessment methodologies and risk management frameworks.

• Proficiency in using risk assessment tools and software.

Dexian is a leading provider of staffing, IT, and workforce solutions with over 12,000 employees and 70 locations worldwide. As one of the largest IT staffing companies and the 2nd largest minority-owned staffing company in the U.S., Dexian was formed in 2023 through the merger of DISYS and Signature Consultants. Combining the best elements of its core companies, Dexian's platform connects talent, technology, and organizations to produce game-changing results that help everyone achieve their ambitions and goals.

Dexian's brands include Dexian DISYS, Dexian Signature Consultants, Dexian Government Solutions, Dexian Talent Development and Dexian IT Solutions. Visit https://dexian.com/ to learn more. Dexian is an Equal Opportunity Employer that recruits and hires qualified candidates without regard to race, religion, sex, sexual orientation, gender identity, age, national origin, ancestry, citizenship, disability, or veteran status