Senior Security Analyst/Advisor with cloud security controls experience (GCP/Azure) to work with one of our major banking clients- 38523

Senior Security Analyst/Advisor with cloud security controls experience (GCP/Azure) to work with one of our major banking clients- 38523

Location Address: Hybrid - Scarborough and Toronto -- 2x/week (preferably Tuesdays/Thursdays) - contractor can choose which location to go to

Subject to change: 3-4 days onsite may be required based on business needs

Contract Duration: 9 months - to July 31, 2026 (Possibility of extension & conversion to FTE)

Schedule Hours: 9am-5pm Monday-Friday; standard 37.5 hrs/week

Story Behind the Need

• Business group: Information Security Advisory Services - As part of the Information Security and Control (IS&C), Senior Information Security Advisor is providing advisory services to business lines, subsidiaries and affiliates enabling the achievement of the Bank's Information Security Policy. As a Senior Security Advisor within the IS&C - Global Technology Applications - Security Advisory Services team, you will provide a central point of reference and core competency for Information Security. Assisting in the classification and protection of data resources by providing guidance on secure and cost-effective implementation of Bank's security policies and standards. Providing guidance to design, develop and implement sound risk management controls in accordance with Bank's standards that assure the Bank's compliance with industry regulations. Keeping informed and well versed on financial industry regulations demands in different regions based on practical experience. Pursuing security and control process improvements to advance security compliance and improve internal processes.
• Project: Providing security advisory services to different business lines across the organization - providing risk and security-based opinions, completing threat and risk assessments

Typical Day in Role:

• Acting as a central point of reference and core competency for Information Security. Assisting in the classification and protection of data resources by providing guidance on secure and cost-effective implementation of Bank's security policies and standards.
• Representing Information Security in projects, initiatives, mergers and acquisitions. Working with business lines to develop sound security strategic and tactical plans towards the reliable implementation of consistent and secure control processes to protect the Bank. Drive initiatives and support business functions to assess security risks and to make informed decisions to protect information assets.
• Providing guidance to design, develop and implement sound risk management controls in accordance with Bank's standards that assure the Bank's compliance with industry regulations. Keeping informed and well versed on financial industry regulations demands in different regions based on practical experience.
• Pursuing security and control process improvements to advance security compliance and improve internal processes.

Candidate Requirements/Must Have Skills:

1. 10+ years of working experience as an IT Security Analyst / Security Advisor

2. 5+ years’ recent hands-on experience with cloud security controls and experience in deployments and cloud architecture security (GCP and Azure preferred)

3. 5+ years’ hands-on experience with security controls/mechanisms and threat/risk assessment techniques pertaining to complex data, application, and networking environments

4. 5+ years’ combined experience with security technologies such as: Identify & Access Management, PKI, Intrusion Prevention, vulnerability assessments (any are OK please list which)

Nice-To-Have Skills:

1. Experience with client BNS is a strong preference so they are familiar with systems

2. Experience with/knowledge of financial services’ Security Governance Framework (policies and standards) is a strong asset.

3. Experience with Agile, Lean, Rapid Labs and other accelerated project frameworks would be an asset.

4. Security Certifications: CISSP, CCSP, GSEC, CISA, CISM, etc.

5. Experience with regulatory guidelines related to the financial industry like OSFI.

Education:

• College or university degree in Computer Sciences, Information Systems/Security or technical equivalent.

Security Certifications: CISSP, CCSP, GSEC, CISA, CISM, etc. an asset

Best VS. Average Candidate:

• Well developed communication skills are required, and the ability to confidently present ideas and recommendations at formal presentation and conference calls.

• Security Advisory Banking experience.

• Previous BNS experience is an asset.

• Ability to complete threat risk assessments.

Candidate Review & Selection

• 1st round MS Teams interview - Hiring manager + 2 team members (30 minutes)

• 2nd round MS Teams interview - Hiring manager + Global head (30 minutes)

• Candidate should be prepared to discuss their working experience/projects and how it relates to the job requirements. Assess both technical and soft skills.

Hiring Manager’s availability to interview: ASAP