Technology Risk Assessment Specialist
Eagle is currently seeking a Technology Risk Assessment Specialist. This is a permanent career opportunity with a top tier organization to start In March in Etobicoke ON.
The purpose of this role is to work across multiple technical and business functions providing technical leadership for all security-related issues in order to deliver secure systems and establish secure relationships with third parties. This includes driving technology risk and control assessments to evaluate application/system and third-party security in all phases of the system development life cycle through defining security practices, performing software security architecture and design reviews and supports the identification, interpretation, and remediation of vulnerabilities across a variety of applications and platforms.
- Conduct risk assessment, required controls definition, control procedure appropriateness, vulnerability assessments, and any other relevant areas;
- Adhere to internal policies and procedures, technology control standards, and applicable regulatory guidelines;
- Ensure technology, processes, and governance are in place to monitor, detect, prevent, and react to both current and emerging technology and security threats against the client’s business;
- Execute programs to manage risk-based prioritization of controls and control remediation, as identified by the framework and/or audit reviews; and,
- Develop on-going technology risk reporting, monitoring key trends and defining metrics to regularly measure control effectiveness for own area.
Education, Skills & Experience:
- University Degree, Computer Science or Engineering;
- CISSP or equivalent information security certification. Cloud security certification (e.g. CCSP) an asset;
- Five plus (5+) years of relevant experience;
- Served as a lead expert resource in technology controls and information security for project teams, the business, organization and outside vendors;
- Experience conducting comprehensive risk and control design assessments for third-party arrangements and for an application portfolio, articulated and documented impact of control gaps to the business and enterprise-wide, risk mitigation and remediation p
- Experience performing security design reviews to asses security implications for the introduction of new or differing technologies within the environment;
- Experience with the assessment, implementation, management, and documentation of a broad set of security technologies and processes in an on-prem and cloud environments spanning: network security technologies and server and endpoint security;
- Excellent knowledge of information security standards (e.g., NIST, PCI DSS, ISO 27002, etc.), rules and regulations related to information security and data protection
- Knowledge of OWASP, SANS or other applications security-related frameworks;
- Exposure to application security best practices such as secure coding, security testing techniques and tools. As well as having exposure to a third party and application security assessment tools/portals;
- Fluent in English (reading, writing, and verbal). Bilingualism is an asset; and,
- Strong project management disciplines and organizational skills.
Don’t miss out on this opportunity, apply online today!
Eagle is an equal opportunity employer and will provide accommodations during the recruitment process upon request. We thank all applicants for their interest; however, only candidates under consideration will be contacted. Please note that your application does not signify the beginning of employment with Eagle and that employment with Eagle will only commence when placed on an assignment as a temporary employee of Eagle.