We are seeking a Junior Security Analyst to join our growing Cybersecurity team. This is an exciting opportunity for someone with experience in assessing cyber risks, ensuring security by design, and supporting the secure development of business applications and projects.

In this role, you will collaborate with Business, Risk, Privacy, and Technology teams to identify and evaluate cyber security risks. You will provide actionable security recommendations aligned with business needs, compliance requirements, and regulatory standards. Your work will include documenting and tracking risks, providing guidance to project teams, and helping drive security best practices across the organization.

Key Responsibilities:

• Serve as a liaison with Business and Risk teams to gather project requirements and assess security considerations.

• Review business applications and services to ensure compliance with security standards and best practices.

• Act as a subject matter expert on cyber security topics related to business initiatives, prioritizing risks and recommendations effectively.

• Develop and maintain security tracking for critical projects.

• Collaborate with privacy and risk teams to align security assessments and ensure compliance.

• Coordinate with business and technology teams to document and implement necessary security requirements.

Qualifications:

• 2+ years’ experience in secure design and project risk assessments for cloud, on-prem, and SaaS environments.

• Strong understanding of information security frameworks and standards (e.g., ISO, PCI DSS, NIST CSF, NIST 800:53, CSA CCM).

• Previous experience in a consultancy or advisory role, collaborating with Technology, Project, and Business teams.

• Bachelor’s or Master’s degree in Information Technology, Computer Science, or a related field (or equivalent experience).

• Knowledge of AI systems and relevant security controls is a plus.

• Experience providing security recommendations based on application security testing (e.g., Secure Code Review, DAST, SAST).

• Practical knowledge of threat modeling methodologies and ability to articulate risks and mitigation strategies.

• Strong written and verbal communication skills, with the ability to explain complex risks to leadership.

Preferred Certifications:

• CISSP, CRISC, ISSAP, CISM, CISA, CCSP or other relevant security certifications.