Security Risk Analyst
The Security Risk Analyst is responsible for identifying, assessing and supporting the management of information security risks across the Firm. Reporting to the Manager, Compliance & Risk, this role contributes to the Firm’s risk management program by evaluating technology risks, supporting control assessments and assisting in the development of mitigation strategies.
Key Responsibilities
- Identify and assess information security risks by evaluating systems, processes and technologies to determine potential vulnerabilities and impacts.
- Analyze risk findings by documenting risk levels, control gaps and mitigation recommendations to support decision‑making and risk tracking.
- Support control reviews by assessing the design and effectiveness of security controls to ensure alignment with policies and standards.
- Evaluate vendor and third‑party risks by reviewing security documentation and assessing co...