Information Security Risk Analyst — Remote
Play a critical role in the insurance industry by performing technical security risk assessments, advising on information security controls, and supporting cloud-based infrastructure projects. This fully remote, contract-based opportunity offers exposure to AI, cloud computing, and risk dashboards in a global enterprise environment.
What is in it for you:
• Salaried: $63.50-66.50 per hour.
• Incorporated Business Rate: $75.50-79.50 per hour.
• 12-month contract.
• Full-time position: 37.50 hours per week.
• Weekday schedule from 9 am to 5 pm.
• Hybrid work: 3 office days, from Tuesday to Thursday.
• Fully remote, with occasional on-site attendance once per quarter.
Responsibilities:
• Assist project teams in identifying and validating security requirements or lead the completion of information risk assessments.
• Perform in-depth risk assessments on projects from a technical security perspective to ensure alignment with security policies and standards.
• Provide input and recommendations to service areas on information security requirements and best practices.
• Collaborate with service areas during Go Live Acceptance Reviews for new infrastructure and services.
• Report on risk assessments in accordance with internal requirements.
• Perform other information risk management tasks as required.
What you will need to succeed:
• Bachelor’s degree in computer science, technology, or a related field.
• Certifications such as CISSP, CISA, CISM, or CEH are considered an asset.
• 5+ years of relevant experience in information security and risk management.
• Solid understanding of security architecture and controls across infrastructure platforms such as Windows, Unix, RH Linux, networking, virtual hosting, end-user technologies, and cloud computing (IaaS, PaaS, SaaS).
• Experience with security systems including privilege management, SIEM, NAC, vulnerability management, PKI/encryption, APT solutions (FireEye, Z-scaler), Firewall/IPS, and WAF.
• Familiarity with OWASP, SANS, or other security frameworks and penetration testing methodologies.
• Knowledge of application security best practices such as secure coding and security testing techniques.
• Hands-on experience with cloud platforms such as Azure, AWS, or GCP.
• Experience with Windows services including Active Directory, DNS, IIS, MSSQL, and federated services such as ADFS, SAML.
• Experience with collaboration and messaging platforms like Office 365 and SharePoint.
• Understanding of AI technologies and deployment models is considered an asset.
Why Recruit Action?
Recruit Action (agency permit: AP-2000003) provides recruitment services through quality support and a personalized approach to job seekers and businesses. Only candidates who match hiring criteria will be contacted.
MFCJP00015800
