Consultant, Security Analyst

Start : Immediate
Toronto, Ontario

Position Responsibilities:

  • You will be reporting to the Managing Director, your primary responsibility will be to ensure that all operations and services provided will comply with strict privacy and security standards for the communication, storage and management of confidential and sensitive information.
  • As a Consultant Security Analyst, you will work with internal project teams and resources to ensure that IT Security Policies and Best Practices are followed as our systems, products and services are designed, built, deployed and upgraded.
  • You will be responsible for evaluating and analyzing security requirements, evaluating safeguards, vulnerabilities and threats, providing evaluations of risk, and providing risk mitigation strategies. As part of your day-to-day, you will conduct Threat Risk Assessments (TRA), which in turn will provide input into the Certification and Accreditation (C&A) process. You will apply knowledge of technology to business goals and objectives and make recommendations on technology initiatives, projects, hardware and software while assessing the use of new technologies.
  • You will also interface with Digital Wyzdom clients and partners as part of the client engagement lifecycle, evaluating business requirements and analyzing security requirements (e.g. assurance level requirements, data sensitivity, registration and authentication requirements etc.). You may also be presenting Threat and Risk Assessment (TRA) and other security assessment findings to the client.
  • As part of the Security team, you will provide regular project status updates to team members, and assist in defining security requirements for new projects. You will participate in Vulnerability Assessment (VA) and Pen Testing, creating Statements of Work (SOW), interpreting test results and advising in the preparation of use cases. In addition, you will help to establish and promote security policies, standards, and guidelines.

Education and Background Requirements:

  • 5 or more years experience as an IT security professional
  • Knowledge and understanding of security standards and best practices
  • Solid understanding of various information systems technologies including LAN and WAN, firewalls, Internet protocols and applications, secure communications, PKI, role-based access control (RBAC) and identity management
  • Demonstrated experience with Threat and Risk Assessments (TRA) and other risk assessment methodologies and tools.
  • good communications skills, including experience conducting meetings, writing reports and conducting presentation, and are able to work independently and as part of a team. CISA and/or CISSP designations would be a strong asset.