Information Security Risk Management Analyst

Job Description

• Assist the Senior Manager, Information Security Compliance in developing and implementing a strategic approach to information security risk management across people, process, and technology.
• Lead the development and maintenance of Information Security risk and governance KPI's, KRI's, and SLA's. Assist with metrics creation and reporting. Provide reporting on the status of information security risks to leadership and stakeholders.
• Participates in third-party and supply chain cybersecurity risk assessments.
• Maintain the IT risk register on the GRC platform (Onetrust, Auditboard).
• Perform Security Threat Risk Assessments of all new projects and technology implementations.
• Develop and maintain IT and Security Risk Assessment processes and documentation.
• Advise various teams on risk mitigation and compensatory measures to reduce risks to acceptable levels, using knowledge of Vancity policies, ...