Requirements:

• Coordinate with multiple internal and external stakeholders in order to implement missing IT and security controls for multiple applications under your responsibility. Stakeholders may include Business users, Developers, Suppliers & Global Cyber Security expert teams. Most common application controls that require coordination are:
  • Information Classification (IC)
  • Application Penetration-Testing (EPA)
  • Application Threat Modelling (SP)
  • Completing the ‘Data@Cloud’ Cloud Risk Assessment
  • Documenting the Technical and organizational Measures (TOM) checklist
  • Authentication and Authorization implementation (SSO, MFA)
• Provide regular and timely updates of the remediation progress to project manager and stakeholders.
• Maintain required documentation of the applications.
• Maintain confidentiality and adhere to secure practices when sharing and working with confidential information
• Ensure open risks are addressed according to the Information Security Risk Management (ISRM) framework with the support of a Risk Expert.

Skills:

• Bachelor’s Degree (accredited school) or equivalent with emphasis in computer/information science, IT
• 2+ years of experience in IT Business Analysist or similar function.
• An overall knowledge of IT application support functions is required.
• Well versatile using MS Outlook, Project, & Office productivity tools/software.
• Basic knowledge of IT the risk management concept.
• Excellent communicator, able to engage and effectively respond to diverse stakeholders.
• Able to schedule multiple tasks, facilitate discussions with Business users & Suppliers, and help decision-making.
• PMP and German language definite plus

Location: Greater Toronto Area/Mississauga, as this is a hybrid role