Junior Cybersecurity Analyst - Toronto, Canada - Toronto Transit Commission
Description
JOB INFORMATION
Requisition ID: 9115
Number of Vacancies: 1
Department:
Information Technology Services
Salary Information:
$70,725 - $88,415.60
Pay Scale Group: 07SA
Employment Type:
Regular
Weekly Hours: 35,
Off Days: Saturday and Sunday
Shift: Day
Posted On:
February 14, 2024
Last Day to Apply:
March 3, 2024
The Toronto Transit Commission (TTC) is North America's third largest transit system and has been recognized as one of the top places to work in the GTA.
The TTC's recruitment efforts are directly aligned to its mission of providing "a reliable, efficient, and integrated bus, streetcar and subway system that draws its high standards of customer care from our rich traditions of safety, service and courtesy.
"Information Technology Services (ITS)
New Grad Opportunity:
Junior Cybersecurity Analyst**
General Accountability
Key Job Functions
Duties include:
- Contribute to comprehensive security risk assessments of new and existing information systems, networks and infrastructure to identify potential vulnerabilities, threats, and risks;
- Contribute to evaluation and benchmarking of TTC's cybersecurity capabilities in line with NIST Cybersecurity Framework and develop plans to prioritize actions and investments required to improve capabilities to industry best practices;
- Recommend controls to mitigate security risks identified through the risk assessment process and communicate risk findings that are clear and actionable by relevant stakeholders;
- Contribute to development and implementation of cybersecurity training programs that align with TTC's cybersecurity policies, standards and procedures;
- Create and manage metrics framework that effectively measures employee compliance with information security policies, maintain minimum agreed security awareness training completion rates;
- Ensure security awareness trainings, communications, and marketing are engaging and are aligned to the leading practices in cyber security;
- Conduct cybersecurity training sessions for new hires and ongoing training for existing employees;
- Conduct research and factfinding exercises for maintaining and revising related technologies, policies, guidelines, processes, procedures and standards;
- Ensure security awareness information and documentation are timely updated, reflecting the latest security trends and threats as well as compliance requirements;
- Assess effectiveness of cybersecurity awareness program and the existing practices and make recommendations for continuous improvement;
- Prepare and present various reports relating to areas of responsibility;
- Collaborate with internal and external auditors to facilitate security audits and assessments;
- Perform periodic gap assessments of the information security program to validate compliance on an ongoing basis, facilitate remediation of control gaps and escalates critical issues to leadership;
- Perform 3rd party due diligence (initial risk assessment before commencement of services and ongoing riskbased monitoring) for adherence to TTC security standards;
- Review of information security sections of procurement documents (e.g. RFI/RFP, MPSA, Contracts, and POs) identify gaps, and recommend security and data privacy content to close gaps.
- Maintain inventory of relevant suppliers/vendors, controls, and risks for ongoing vendor risk management activities
- Work collaboratively with stakeholders and vendors, as well as crossfunctional teams, including information technology (IT), operational technology (OT), legal, compliance, and business units, to ensure effective risk management and security governance
- Participate in incident investigations for potential compliance violations to identify the cause and adjust applicable program, policies or training
- Provide support for various Cybersecurity program initiatives as required
- Participate in disaster recovery and business continuity planning
- Assist in supporting other tasks and activities required by the Information Security team
- performs related duties as assigned.
Skills
- Communicate in a variety of mediums
- Demonstrate specialized expertise and knowledge in the assigned field
Education and Experience
- Graduate (or near graduate) of a university degree, community college diploma, or technical diploma in Computer Scien
More jobs from Toronto Transit Commission
-
Manager, Employee Services Centre
Toronto, Canada - 5 days ago
-
Structure Rehabilitation Vehicle Operator
Toronto, Canada - 3 weeks ago
-
Chief of Staff
Toronto, Canada - 2 weeks ago
-
Project Manager
Toronto, Canada - 3 weeks ago
-
Foreperson, Rail Vehicles
Toronto, Canada - 5 days ago
-
Fire Prevention Inspector
Toronto, Canada - 1 week ago