Job Description
About the Role:
We are looking for a proactive Senior Cyber Security Specialist (Risk) to join our clients dedicated team. This role is crucial in evaluating and enhancing our cybersecurity measures, ensuring both current and future technologies are secure. The ideal candidate will be instrumental in conducting threat risk assessments, developing security policies, and leading cybersecurity initiatives.
Location: Toronto, Hybrid (3 days/week) ~ Non-Negotiable
Key Responsibilities:
- Act as a subject matter expert across the organization, providing guidance on security practices related to new services, products, and projects.
- Conduct thorough security analyses and produce detailed risk assessment reports for new and existing solutions.
- Lead the development and implementation of security controls, standards, and procedures to mitigate identified risks.
- Manage cybersecurity projects from inception through to successful completion, ensuring alignment with organizational goals.
- Collaborate with various teams to address security vulnerabilities and promote innovative security solutions.
- Drive cybersecurity awareness campaigns and contribute to educational efforts to foster a culture of security.
- Support incident response and recovery activities, and lead vulnerability management discussions.
- Ensure compliance with regulatory and industry standards through effective documentation and reporting.
Requirements:
- Bachelors degree in Computer Science, Cybersecurity, or a related field; or a combination of relevant education and experience.
- At least 2 years of experience in a cybersecurity role.
- Proficiency with cloud environments such as Azure, AWS, and Google.
- Strong analytical and critical thinking skills, with a detail-oriented mindset.
- Excellent verbal and written communication skills.
- Knowledge of industry security standards (e.g., NIST, PCI DSS, CIS, ISO, COBIT).
Preferred Qualifications:
- Professional security certifications (CISSP, CISM, CRISC, CEH, OSCP, etc.).
- Experience in threat hunting and assessing RFPs or contracts from a cybersecurity perspective.