Position: Cyber Security Risk Assessment Consultant
Length: Contract (1 year)
Location: Downtown Vancouver
- Identify potential cyber security risks and incidents by performing vulnerability assessments, coordinating with internal teams and stakeholders, and monitoring external events and security logs to help prepare for possible contingencies.
- Determine remediation options and recommend solutions by analyzing security test results, confirming the impact of security risks and validating baseline security configurations for operating systems, applications, networking tools, and telecommunications equipment to adequately mitigate cyber security risk.
- Provide support during and after critical systems experience breaches, outages, errors, or unexpected activities by creating security operations documents such as incident reports and collaborating with incident response leads and subject matter experts to consistently implement security incident response plans.
- Assist business groups as required, in defining and/or delivering security requirements, security design, security testing, and implementation support as well as in transitioning new security systems and devices from project to operations so that cybersecurity is strengthened throughout the organization.
- Provide guidance on the execution of cyber security related action items in IT projects by conducting compliance impact assessments and collaborating with project managers to ensure that projects apply cybersecurity best practices and comply with cybersecurity regulations and policy.
- Assist with creating and maintaining the company’s standards and guidelines by developing, tuning, and implementing threat detection analytics and reviewing existing security controls, event data, and other data sources to find opportunities to continuously improve the company’s security effectiveness and capability.
- Collaborate with CIP Policy Subject Matter Experts (SMEs), cybersecurity and safety teams, emergency management team, service providers, and security administrators to complete compliance sustainment activities including the preparation of detailed reports and the collection of audit supporting documents to monitor and assure the development, revision, and update of CIP compliance policies, processes, and procedures.
- Availability to perform the work within the timeframes stipulated. Please detail availability of candidates.
- A minimum 7 years of working experience in Information Technology
- A minimum of 5 years demonstrable experience as a Business Analyst, within Technology – consultants are required to have in depth knowledge and proven expertise in one or more of the key areas listed under Scope of Work.
- At least 5 years working in cyber security or equivalent.
- Bachelor’s degree in Computer Science, Information Security, or equivalent
- Certificate in at least one of the following areas:
- Certified Information Systems Security Professional (CISSP)
- Certified in Risk Information Systems Control (CRISC)
- Certified Information Systems Auditor (CISA)
- Certified Information Security Manager (CISM)
- GIAC Certified Incident Handler (GCIH)
- GIAC Certified Penetration Tester (GPEN)
Annex Consulting Group is a full service IT and management consulting firm, specializing in staff augmentation contracting, permanent staffing, and outsourced solutions. Candidates must be legally entitled to work in location advertised.
Not interested but know someone who is a fit for this role? Check out the award-winning Annex Referral Program.
Leaders in IT. Advisors in Business. Partners in Solutions.