IT Security Analyst – Cyber Regulatory Compliance

Company: Direct IT Recruiting Inc.

Location: Toronto

Status: 6 Month Contract

Job Reference No: 831

Job Category: IT Information Security, cyber regulatory compliance, bank, policies, standards, cybersecurity, audit, NIST CSF, SWIFT CSP, PCI DSS, ISO 27001/2, CISSP, CISM, CRISC, CISA

Career Level: Intermediate to Senior

Number of Staff to Supervise: N/A

Work Experience: 5+ years IT Information Security, cyber regulatory compliance, bank, policies, standards, cybersecurity, audit, NIST CSF, SWIFT CSP, PCI DSS, ISO 27001/2, CISSP, CISM, CRISC, CISA

Industry: Financial, Bank

Job Title: IT Security Analyst – Bank Cyber Regulatory Compliance

DESCRIPTION:  

 

Be a member of the Bank’s Information Security, Standards and Regulatory Management team.  This team is responsible for overseeing all cyber regulatory compliance. The team works in a governance function, performing all cyber regulatory assessments. They also act as SMEs on cyber regulatory compliance, providing consultative guidance to the business. The team handles all policy and standards relating to information security standards and security hardening requirements.

 

This resource will primarily be working with their team members and the manager, and may have to coordinate with SMEs within information security and/or technology teams as needed.

 

Contribute to the alignment of banking industry regulatory requirements and enterprise technology standards. You will be hands-on for the analysis and writing of new reference documents as well as providing plans to update the enterprise standards. Your scope will include review of the requirements of prudential and industry regulators against all technology standards and requirements documents.

 

- Reading and interpreting technology, cyber regulatory and industry requirements. 

- Writing new documents to capture requirements different from the enterprise information security standards. 

- Interfacing with Information Security and Technology partners to draw information from subject matter expert groups when required to support new or revised documentation.

- Planning for a phased approach for implementation of a new standard.

- Researching current regulations, reviewing existing policies/documentation, and writing new documents or making updates.

- Working on a standard for customer online security.

 

REQUIREMENTS:

- 5+ years of experience in Information Security

- 3+ years of experience drafting policies, standards, and documentation

- Must be able to craft standards documentation that demonstrates clarity of thought, strong command of written language and an understanding of information security risk.

- Experience reviewing technology, regulatory or industry requirements.

- The ability to assess risk related to technology requirements in order to determine if there are material differences between the enterprise standards and other industry or regulatory requirements.

- Strong knowledge of various cybersecurity, audit or other relevant frameworks such as NIST CSF, SWIFT CSP, PCI DSS or ISO 27001/2.

- CISSP, CISM, CRISC or CISA certifications – an asset

- Banking security governance experience – an asset

- Clear and effective communication skills