Cyber Security Risk Analyst

About the Role

The Cyber Security Risk Analyst at S&P Global is responsible for supporting and coordinating activities across the cyber security department. This role is embedded within a dynamic team focused on safeguarding sensitive financial data and systems.

The Impact

Work from inception to completion on crucial security projects, build relationships with IT and business partners, and recommend process improvements to mitigate cyber risks.

Responsibilities

• Escalate, manage, and report divisional cyber security risks.
• Prioritize mitigation of identified vulnerabilities.
• Collaborate with platform teams for compliance and resolution.
• Coordinate with internal and external stakeholders regarding regulatory compliance.
• Assist with documentation, risk assessments, and secure code training onboarding.

What We’re Looking For

• Bachelor's or Master’s in Computer Science, Information Systems, or related fields.
• 5+ years’ experience in Information Security, Audit, or Compliance.
• Experience in Vulnerability Patch Management and Application Security.
• Exposure to Offensive or Defensive Security techniques and Security Architecture.
• Familiarity with ISO 27001, NIST SP 800-53, or similar standards.
• Financial services industry experience and relevant certifications (CISSP, CISM, CRISC, CISA).
• Strong communication, analytical, and project management skills.

Location & Work Arrangement

This position is based in Toronto, Canada with a hybrid work arrangement (2 days onsite).

Key Skills/Competency

• Cyber Security
• Risk Management
• Compliance
• Vulnerability Management
• Cloud Computing
• Agile
• Documentation
• Secure Code Training
• ISO 27001
• NIST SP 800-53