Job Description

:

S&P Dow Jones Indices provides iconic and innovative index solutions, bringing transparency to global capital markets.

The Role: Cyber Security Risk Analyst (Virtual)

The Team:

Are you passionate about cyber security? Do you enjoy solving complex problems and collaborating with diverse teams? The Cyber Security Risk Analyst will support and help coordinate activities across the department to drive process improvement. The Cyber Security Risk Analyst will join a team responsible for safeguarding the sensitive financial data and systems of the organization. Our team typically operates in a dynamic environment and values the ability to adapt to evolving cyber threats while maintaining the confidentiality, integrity, and availability of our critical financial assets.

The Impact:

As the embedded Cyber Security Risk Analyst, you will participate in tasks and projects from inception to completion, build relationships with IT and Business partners, recommend process solutions and approaches that tackle challenging cyber problems and minimize risk for the business.

What\'s in it for you:

Enhance your complex problem-solving skills by collaborating with diverse IT teams. The Cyber Security Risk Analyst will support and help coordinate activities across the department to drive process improvement. Strengthen your Cloud compute skills by working in an Agile and Cloud environment.

Responsibilities:

• Escalate, manage, and report on divisional cyber security risk
• Prioritize the mitigation of identified vulnerabilities within the business division. Work with the various platform teams to resolve vulnerabilities, resolve false positives with the team and/or vendor to remain or bring platforms in compliance with the organizations policies and standards
• Collaborate with internal and external stakeholders to ensure compliance with regulatory requirements
• Assists in the review of standards, policies, and procedures and performs rationalization per compliance guidelines. Supports the development and maintenance of system level documentation
• Assists in the performance of application risk assessments. Internal Audit and Client requests for information
• Influence and manage the onboarding of developers for secure code training to augment the enterprise security awareness training
• Serve as the divisional security champion for developers

What We\'re Looking For:

• Bachelor\'s or master\'s degree in Computer Science, Information Systems or similar fields
• 4+ years\' experience in Information Security, Audit or Compliance
• Experience with Vulnerability Patch Management
• Experience with Application Security
• Experience in Offensive or Defensive Security techniques
• Exposure with Software Security Architecture, System Design and Analysis Skills
• Experience with ISO 27001, NIST SP 800-53, or other relevant standards (preferred)
• Financial services industry experience
• Certification in CISSP, CISM, CRISC, CISA, or equivalent
• Project management skills
• Excellent communication, analytical, and problem-solving skills

Flexible Working

We pride ourselves on our agility and diversity, and we welcome requests to work flexibly. For most roles, flexible hours and/or an element of remote working are usually possible. Please talk to us at interview about the type of arrangement that is best for you. We will always try to be adaptable wherever we can.

Return to Work

Have you taken time out for caring responsibilities and are now looking to return to work? As part of our Return to Work initiative (link to career site page when available), we are encouraging enthusiastic and talented returners to apply, and will actively support your return to the workplace.

Grade/Level (relevant for internal applicants only): 10

The Location: Virtual - Toronto or Quebec City, CA

Compensation/Benefits Information (US Applicants Only):

In addition to base compensation, this role is eligible for an annual incentive plan.

This role is eligible to receive additional S&P Global benefits. For more information on the benefits we provide to our employees, visit spglobal.com/benefits.

About Company Statement:

S&P Global delivers essential intelligence that powers decision making. We provide the world\'s leading organizations with the right data, connected technologies and expertise they need to move ahead. As part of our team, you\'ll help solve complex challenges that equip businesses, governments and individuals with the knowledge to adapt to a changing economic landscape.



Equal Opportunity Employer

S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law. Only electronic job submissions will be considered for employment.

If you need an accommodation during the application process due to a disability, please send an email to: and your request will be forwarded to the appropriate person.

US Candidates Only: The EEO is the Law Poster describes discrimination protections under federal law.

IFTECH103.1 - Middle Management Tier I (EEO Job Group)

Job ID: 291565
Posted On: 2023-09-17
Location: Virtual, Ontario, Canada

S&P Global