Senior Security Risk Analyst to provide content reporting on cybersecurity metrics and risk landscape

Our valued crown corporation client is seeking a Senior Security Risk Analyst to provide content reporting on cybersecurity metrics and risk landscape

Initial 1 year contract with a strong possibility of extension to a total maximum term of 3 years. Hybrid (8 days/month) on-site in downtown Ottawa, ON. 7.5 hours per day, Monday to Friday.

Responsibilities:

• Assist in the coordination of reporting processes and protocols.
• Participate in governance meetings within the Cyber team to gather and assess monthly metrics and results as required
• Analyze metrics and qualitative findings from assurance and testing activities across various teams and articulate a comprehensive Cyber risk story
• Analyze, and report on cybersecurity risk posture, creating a comprehensive view of the organization's cyber health
• Provide cohesive and comprehensive monthly summaries and reports to the Chief Information Security Officer and other executives
• Deliver detailed and executive level briefing materials tailored to different audiences (e.g. PowerPoint), illustrating the Cybersecurity metrics and risk landscape
• Create a consistent narrative around enterprise cyber risk
• Develop content and presentations specifically for the use of the Cyber Directors or the Chief Information Security Officer
• Assist with effective communication between the Architecture and Assurance, Access Management, Monitoring and Response, and Awareness and Strategy teams to ensure integrated risk and metrics reporting.
• Assist the Cyber Division in building a stronger risk culture through training and the implementation of a risk governance

Must-Have Skills:

• 7+ years of demonstrated experience in an cyber risk management role
• Professional certifications (CISM, CRISC)
• 5+ years of demonstrated experience in project management and governance within cybersecurity
• Demonstrated ability to communicate to all levels of an organization including executive level
• Demonstrated experience in cybersecurity risk and metrics
• Demonstrated experience in storytelling, creating, and presenting high-quality, informative materials (i.e. PowerPoint, Canvas)
• Demonstrated ability to synthesize complex data into clear, actionable insights for all level of audiences including executive level

Nice to Have

• Demonstrated experience with excel and Visualization tool (i.e.Power Bi)
• Demonstrated experience working in a 3 Lines of Defense Model