Our leading consulting client is looking for a Jr Security Analyst to join their DSG team.

This is a 3 month remote contract with likelihood of extension up to 6 months.

This is an exciting opportunity for an individual who has experience in conducting cyber security risk assessments and security by design for Business requirements and projects

The Junior Security Analyst will work with Business, Risk, Privacy and Technology teams to assess and analyze cyber security risks. The individual is expected to provide security recommendations in accordance with assessed threats and risks, while also taking into consideration required compliance and regulatory aspects of the Business. This individual is expected to document and track identified risks and recommendations through the Security Assessment report (SAR) & Quality Risk Management (QRM) and seek NITSO approvals where required.


Responsibilities: 

• Act as a liaison with Business and Risk teams to gather information on Business projects and requirements. Review security in Business applications & services to ensure they meet security standards and compliance.
• Act as a subject matter expert in Cyber security related to Business requirements while ensuring prioritization of Business requirements.
• Develop and maintain security tracking for critical Business projects.
• Liaise with privacy and risk teams to align security assessments.
• Coordinate with Business and technology teams to ensure security requirements are documented as needed.

Must haves: 

• 2+ years’ experience with secure design and project risk assessments for cloud and on-prem environments including SAAS solutions
• Excellent knowledge of information security standards/practices (e.g., CSA CCM, ISO, PCI DSS, NIST CSF, NIST 800:53 etc.), and aspects related to data security protection
• Previous security experience in a consultancy role collaborating with internal Technology, Project, and Business teams
• Bachelor’s or master’s degree in information technology, Computer Science, or a related work experience, or equivalent
• Working knowledge of AI systems and security controls applicable to AI solutions and technologies
• Experience in providing security recommendations by assessing and analyzing application security testing outcomes from Secure Code review, DAST & SAST
• Applied knowledge of methodologies to conduct threat-modeling exercises on new applications and services
• Ability to articulate risks and recommendations by way of formal documentation along with the ability to explain the risks to Leadership as needed

Nice to have:

• CISSP, CRISC, ISSAP, CISM, CISA, CCSP

We’re an equal opportunity employer committed to increasing diversity and inclusion in today’s workforce. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. Minorities, women, LGBTQ candidates, and individuals with disabilities are encouraged to apply. If you require an accommodation, please review our accessibility policy and reach out to our accessibility officer with any questions.