Cyber Security Risk Analyst - Assurance
New
CanadaContractMiddle
Salary not disclosed
Apply NowOpens the employer's application page
Job Details
- Experience
- 5+ years
Requirements
- University degree or college diploma in Computer Science, Information Security, Risk Management, or a related field.
- 5+ years of experience in cybersecurity or technology risk, including at least 3 years producing executive-level cyber risk reporting.
- Strong hands-on experience with cyber risk frameworks such as NIST Cybersecurity Framework, HTRA, and related methodologies.
- Experience working with ServiceNow GRC for risk tracking, documentation, and governance workflows.
- Ability to translate technical vulnerabilities and security findings into business impact, risk language, and remediation guidance.
- Strong understanding of common cyber threats, mitigation strategies, and security control environments.
- Excellent written and verbal communication skills with the ability to influence executive and non-technical stakeholders.
Responsibilities
- Translate complex cybersecurity findings from Threat and Risk Assessments (TRAs) and penetration tests into clear, executive-level risk narratives and actionable insights.
- Apply cybersecurity risk frameworks such as NIST Cybersecurity Framework, NIST SP 800-30, NIST SP 800-53, and HTRA to structure and assess cyber risks consistently.
- Document, track, and maintain cyber risks, treatment plans, and remediation activities within ServiceNow GRC.
- Support cyber risk governance activities, including risk register management and reporting for assurance and leadership stakeholders.
- Produce executive-grade cyber risk reports that highlight exposure, control gaps, and remediation progress.
- Collaborate with security, risk, and technical teams to ensure accurate interpretation of vulnerabilities and alignment on mitigation priorities.
View Full Description & ApplyYou'll be redirected to the employer's site
