Cloud Security Analyst – Power BI

JOB DESCRIPTION

Location: Hybrid | Downtown, Toronto

Duration: 6 months

Our client a leading financial institution in Downtown Toronto is looking for a Cloud Security Analyst – Power BI to provide support to development teams in retrieving vulnerability/finding details related to KPIs/KRIs and help triage their issues. The successful candidate will have the opportunity to work with one of the Top 5 Banks in Canada.

Typical Day in role:

As a key member of the Security Enablement and Engagement team, the contractor will help the broader team modernize critical security processes for our developer community through various forms of engagement and operational work. In this role, they will serve as a subject matter expert on metrics related to tracking, monitoring, dashboarding, (KPIs, KRIs security findings, vulnerabilities) and day-to-day operations. Responsibilities may also include administering and tracking training programs, maintaining communication channels, and coordinating developer engagement activities such as product launch events and updates.

  • Reporting and Metrics – keep track of KPIs for Cloud & Application Security.
  • Using these metrics, assist in delivering progress reports to business lines on their team’s KPIs/KRIs—audit and regulatory compliance priority
  • Provide support to development teams in retrieving vulnerability/finding details related to KPIs/KRIs and help triage their issues.
  • Curate KPI/KRI historical progress to allow period-over-period comparisons and track how business is improving/progressing over time.
  • Derive insights from correlated metrics and communicate regularly to Cloud & Application Security leadership, including steerco, if required.
  • Program Awareness & Outreach: (assist from time to time, whenever resources are tight)
  • Assist in influencing culture-shift and spreading awareness of AppSec Standards, upcoming migrations, their potential impact and discussion boards.
  • Assist newly onboarded developers/engineers and set them up for success faster than their predecessors regarding the Bank’s security standard and processes.
  • Assist in organizing 10-12 Lunch and Learn sessions per year to engage the dev community about Bank standards, current and upcoming tool migrations, and KPI/KRI results that demonstrate how their work is keeping the Bank safe.
  • Regularly solicit feedback on migration efforts and share w/stakeholders for action.
  • Maintain team’s portal updated with self-serve resources for business line devs teams
  • Cloud & AppSec Trainings/KT:
  • Assist in administering/hosting trainings, lunch-and-learns year-round, including communications, participant tracking, esp. reporting on developer progress to identify gaps in information dissemination.
  • Curate self-serve training documentation, that would guide developers how to navigate the Bank’s evolving toolset and corresponding processes.
  • Enablement Support – assist in supporting managers and developers:
  • Occasionally provide Level 1 support for cases related to onboarding, offboarding, triaging, other non-standard requests, as well as support regarding training, FAQs, online resources. – grassroots familiarity with the struggles of dev teams can help with distillation of insights.

Must-Have Skills:

  • 10+ years’ experience of relevant IT and analytics experience, with 3+ years of experience as a Cloud Security Analyst (GCP, Azure)
  • Expert level of experience and knowledge of Power BI (dashboards, data source integration)
  • 3+ years’ experience with enterprise infrastructure management and automation (with at least 2-3 of these: PowerShell, Python scripting, .NET scripting, M365, Azure and Power Platform technologies)
  • 3+ years’ experience with Git in Azure DevOps pipelines, YAML, CRON
  • 3+ years’ experience with SQL Server, SSI packages and designing table structures

Nice-To-Have Skills:

  • Experience with SAST, DAST, MAST, SCA tools, Aquasec, Checkmarx, related apps
  • Recent relevant Financial Industry Experience supporting Security related vulnerabilities –hands on experience would be ideal

Soft Skills Required:

  • Excellent analytical skills with superb ability to distil complex results into simple to understand findings and actionable insights the business can take.
  • Great communication and triaging skills with developers and leadership teams on a regular basis (Presenting, engaging stakeholders, developers etc.)
  • Ability to work well under pressure, demonstrating professionalism and experience.
  • Great customer experience skills.
  • Fast, adaptable learner.
  • Organized, self-sufficient with a good sense of autonomy and prioritization skills.
  • Must have the ability to generate reports and tailor communication strategies for various levels of technical staff and management.

Education:

  • University degree or college diploma – in Systems Engineering or Computer Science
  • Data analytics certifications an asset

Finance professional is committed to creating an inclusive environment where all team members and clients feel like they belong. We seek applicants with a wide range of abilities and we provide an accessible candidate experience. We advocate for you and welcome anyone regardless of race, color, religion, national origin, sex, physical or mental disability, or age.