PURPOSE OF THE CYBER SECURITY RISK ANALYST

The Cyber Security Risk Analyst assist the Chief Information Security Officer in identifying, evaluating and mitigating digital threats to safeguard the Bank’s critical infrastructure, proprietary data, and digital assets.

This role is critical in building a resilient security architecture, ensuring uninterrupted operational continuity, maintaining regulatory compliance and upholding customer trust in an evolving threat landscape.

 

RESPONSIBILITIES

Assist in the development and implementation of the cyber and technology risk management framework.

Draft and seek validation for relevant policies and procedure manuals for the cyber and technology risk management.

Support in the development of relevant cyber and technology security awareness and training programs.

Monitor compliance of all staff and any related third-party service providers to the cyber and technology risks policies.

Evaluate and report on the cyber and technology risk position of the bank:

o        trends in key performance metrics

o        results of assessment of training and awareness programs

o        key findings from testing exercises, audits and other reviews

Monitor the evolution of the threat landscape including current and emerging risks.

Acknowledge, record and report any cyber incidents updating the incident response plan wherever required.

Ensure Business Continuity Plan is always up to date with regards to the latest updates within the environmental context.

Support in the investigations of cyber incidents.

Ensures compliance with the data protection laws

Implementation of a set of relevant cyber and IT controls (2nd level)

 

WHAT YOU BRING TO THE TABLE

Your Track Record

Bachelor’s degree in Information Technology, Information Systems, Cyber Security, Computer Science or related IT technical qualification

Possession of ISACA certification is considered a distinct advantage.

Proven expertise of at least 2 years' experience in the field of cyber and technology risk

Security Operations & Tooling

Proficiency with endpoint detection and response (EDR), firewalls, antivirus, and Security Information and Event Management (SIEM) systems.

Networking & Operating Systems

A sound understanding of network protocols (e.g., TCP/IP), network traffic analysis, and operating systems (Windows, Linux).

Incident Response & Forensics

The ability to execute a structured incident response plan, conduct digital forensics, and analyze malware to minimize damage.

Digital Literacy

Sharp efficiency with the Microsoft Office suite to manage, analyze, and present operational data.

Professional DNA & Execution Style

Maintain a meticulous attention to detail.

Maintain the unique ability to execute tasks independently with minimal supervision, while remaining a highly collaborative team champion.

Thrive under pressure within a dynamic corporate environment, flawlessly managing shifting priorities.

Exceptional team-first attitude combined with flawless bilingual diplomacy (English & French, written and spoken) to seamlessly influence stakeholders.