Cybersecurity Analyst

GoSecure offers a creative and challenging work environment, a competitive benefit package, and a great atmosphere to foster career growth. Come put your career on the leading-edge and bring your talents to a much sought-after high growth opportunity in technology
- GoSecure

**Summary**

The Cybersecurity Analyst - GRC Advisory is responsible for the provision of the governance, risk and compliance related services offered by GoSecure, with a focus on PCI-related mandates. The incumbent will take ownership of the mandates and will deliver them within a defined timeframe and respecting the allocated budget.

**Duties and Responsibilities**
- Provide strategic security advisory PCI consulting services for enterprise clients, ranging from policy definition to adoption and enforcement.
- Provide other governance, risk and compliance advisory services that are part of Advisory GRC service offering such as, BRA, TTE, privacy compliance, policy development, etc.
- Lead meetings, chair conference calls, action follow-ups, and proactively interact with clients to move projects forward to completion.
- Create professional reports and attestations for clients that detail assessment findings and remediation options.
- Prepare technical documentation within the Advisory team, as required.
- Attend industry events and leading webinars, with a focus on PCI.
- Share knowledge with the team members.
- Contribute to the collaborative and stimulating work environment.
- Provide support to the sales team with pre-sales activities when required.
- Work with multiple clients on a number of projects.
- Mentor less senior security analysts supporting talent growth within GoSecure.

**Qualifications**
- 5+ years of experience in implementing and supporting enterprise security/ information security / compliance / IT Audit role.
- Have or have had the designation of Qualified Security Assessor (QSA) over the past 5 years.
- Knowledge of Information Security risk practices, frameworks and how to report on them.
- Knowledge of Information Security Governance and Compliance frameworks.
- Knowledge of various industry standards and frameworks including ISO/IEC 27000 series, CIS, NIST Special Publications, Risk Management methodologies, and security evaluation methodologies.
- Bachelor’s degree in the field of Computer Science, Information Technology, Information Security, or related vocations and/or equivalent education/experience.
- Strong technical, analytical, interpersonal, communication and writing skills.
- Ability to work both independently and within a global team environment.
- Self-starter, quick-learner, and pro-active problem-solving skills.
- Effective organization, follow-up and time management skills.
- Demonstrated strength in working in a high change environment.
- Ability to develop and foster strong relationships with technology and business stakeholders.
- Effective team collaboration plus the ability to coach and mentor others.
- Strong personal characteristics as demonstrated by the following: achievement-oriented, self-controlled, self-confident, flexible, approachable, and dedicated.
- Bilingualism (French and English) is preferred.
- Industry standard certifications (CISSP, CISA, ISO 27001 Lead Implementer/Auditor, CISM, CRISC or CCSP) is a plus.
- Proficient in MS Excel and Word
- Previous experience in risk reporting, working with metrics
- Previous experience in risk management is a plus