Cybersecurity context, and Cybersecurity Risk Analysis * Cybersecurity Architecture definition and requirement allocation * Cascading of requirement to suppliers, Manage Third Parties Risks,
Cybersecurity context, and Cybersecurity Risk Analysis * Cybersecurity Architecture definition and requirement allocation * Cascading of requirement to suppliers, Manage Third Parties Risks,
Experience developing and maintaining Cybersecurity risk metric reporting (KPI and KRI) * Experience managing a vulnerability management program. * Experience in security advisory on projects and ...
Experience developing and maintaining Cybersecurity risk metric reporting (KPI and KRI) * Experience managing a vulnerability management program. * Experience in security advisory on projects and ...
Risk Management and Threat Assessments: * Conduct ongoing enterprise-wide cybersecurity risk assessments across infrastructure, endpoints, applications and business processes. * Build and maintain ...
Quick apply
Risk Management and Threat Assessments: * Conduct ongoing enterprise-wide cybersecurity risk assessments across infrastructure, endpoints, applications and business processes. * Build and maintain ...
Risk Management and Threat Assessments: * Conduct ongoing enterprise-wide cybersecurity risk assessments across infrastructure, endpoints, applications and business processes. * Build and maintain ...
Quick apply
Risk Management and Threat Assessments: * Conduct ongoing enterprise-wide cybersecurity risk assessments across infrastructure, endpoints, applications and business processes. * Build and maintain ...
The Security Analyst, Security Risk & Compliance will support the management and continuous improvement of Staples Canada's PCI compliance program and broader cybersecurity risk activities. This role ...
The Security Analyst, Security Risk & Compliance will support the management and continuous improvement of Staples Canada's PCI compliance program and broader cybersecurity risk activities. This role ...
Senior Consultant, Risk Management
Toronto, ON · On-site +1
We navigate the dynamic risk landscape across the areas of risk management, confidentiality & privacy, cyber security oversight, regulatory, independence & conflicts, and Anti-Corruption/financial ...
Senior Consultant, Risk Management
Toronto, ON · On-site +1
We navigate the dynamic risk landscape across the areas of risk management, confidentiality & privacy, cyber security oversight, regulatory, independence & conflicts, and Anti-Corruption/financial ...
Analyst, Internal Audit & Risk Management
Toronto, ON · Hybrid
CA$57K - CA$87K/yr
IT audits, insurance, asset management, third-party risk, cybersecurity risk, artificial intelligence tools. * Basic experience with Python & Power BI. * Ability to effectively communicate with ...
Analyst, Internal Audit & Risk Management
Toronto, ON · Hybrid
CA$57K - CA$87K/yr
IT audits, insurance, asset management, third-party risk, cybersecurity risk, artificial intelligence tools. * Basic experience with Python & Power BI. * Ability to effectively communicate with ...
Global Cybersecurity Policies and Standards Analyst, Deloitte Global Technology
Toronto, ON · On-site +1
CA$69K - CA$114K/yr
... risk management * Experience with at least one of the technical domains (networking, operating ... Strong ability to clearly communicate complex cybersecurity statements to technical and non ...
Global Cybersecurity Policies and Standards Analyst, Deloitte Global Technology
Toronto, ON · On-site +1
CA$69K - CA$114K/yr
... risk management * Experience with at least one of the technical domains (networking, operating ... Strong ability to clearly communicate complex cybersecurity statements to technical and non ...
Cybersecurity Strategy and Transformation Senior Manager
CA$144K - CA$241K/yr
As a cybersecurity generalist at PwC, you will focus on providing comprehensive security solutions ... Provide thought leadership and direction for the cyber risk management practice. * Team with PwC ...
Cybersecurity Strategy and Transformation Senior Manager
CA$144K - CA$241K/yr
As a cybersecurity generalist at PwC, you will focus on providing comprehensive security solutions ... Provide thought leadership and direction for the cyber risk management practice. * Team with PwC ...
Senior Consultant, Information Risk
Toronto, ON · Hybrid
CA$113K - CA$163K/yr
This is an exciting opportunity for an experienced information security professional who thrives at the intersection of cybersecurity, cloud technologies, risk management, and business enablement
Senior Consultant, Information Risk
Toronto, ON · Hybrid
CA$113K - CA$163K/yr
This is an exciting opportunity for an experienced information security professional who thrives at the intersection of cybersecurity, cloud technologies, risk management, and business enablement
Lead internal and external technology risk, cybersecurity, and ITGC audits, including stakeholder coordination, assurance requests, response management, and deliverable quality review. * Drive ...
Lead internal and external technology risk, cybersecurity, and ITGC audits, including stakeholder coordination, assurance requests, response management, and deliverable quality review. * Drive ...
Conduct comprehensive cybersecurity risk assessments and vulnerability analyses for clients. * Develop and implement tailored cybersecurity strategies, policies, and procedures. * Lead and manage ...
Conduct comprehensive cybersecurity risk assessments and vulnerability analyses for clients. * Develop and implement tailored cybersecurity strategies, policies, and procedures. * Lead and manage ...
... and risk insights to executive leadership, management teams, and diverse stakeholders. * One or more recognized cyber security certifications: * Certified Information Systems Security Professional ...
Quick apply
... and risk insights to executive leadership, management teams, and diverse stakeholders. * One or more recognized cyber security certifications: * Certified Information Systems Security Professional ...
26-067 - Servicenow - Architect
Oshawa, ON · Remote
$85 - $100/hr
... Risk Management (IRM). This role will provide technical and functional leadership to ensure scalable, secure, and sustainable solutions that align with enterprise governance, cybersecurity, risk, and ...
26-067 - Servicenow - Architect
Oshawa, ON · Remote
$85 - $100/hr
... Risk Management (IRM). This role will provide technical and functional leadership to ensure scalable, secure, and sustainable solutions that align with enterprise governance, cybersecurity, risk, and ...
This role sits within the Global Cyber Security (GCS) Global IT Risk team and focuses on identifying, assessing, and advising on risks resulting from RBC's third-party supply chain management ...
New
This role sits within the Global Cyber Security (GCS) Global IT Risk team and focuses on identifying, assessing, and advising on risks resulting from RBC's third-party supply chain management ...
New
... risk management and governance processes. We are professionals who thrive in a challenging ... The Senior Audit Manager is responsible for leading and conducting IT and Cyber Security risk-based ...
... risk management and governance processes. We are professionals who thrive in a challenging ... The Senior Audit Manager is responsible for leading and conducting IT and Cyber Security risk-based ...
Role Overview The Assistant Vice President, Third Party Risk Management (TPRM) is responsible for ... Coordinate with the Information Security Team to assess cyber-security control effectiveness at ...
Role Overview The Assistant Vice President, Third Party Risk Management (TPRM) is responsible for ... Coordinate with the Information Security Team to assess cyber-security control effectiveness at ...
Keeping abreast of external cyber security trends, technologies and cyber risk management approaches, control hygiene of the environment, and often collaborate with other teams on IT risk-related ...
Keeping abreast of external cyber security trends, technologies and cyber risk management approaches, control hygiene of the environment, and often collaborate with other teams on IT risk-related ...
Security GRC Specialist
Toronto, ON · On-site
Risk Management * Conduct risk assessments of IT infrastructure, applications, third parties, and critical processes to identify, assess and report on technology and cybersecurity risks * Track and ...
Security GRC Specialist
Toronto, ON · On-site
Risk Management * Conduct risk assessments of IT infrastructure, applications, third parties, and critical processes to identify, assess and report on technology and cybersecurity risks * Track and ...
Security GRC Specialist
Toronto, ON · On-site
Risk Management * Conduct risk assessments of IT infrastructure, applications, third parties, and critical processes to identify, assess and report on technology and cybersecurity risks * Track and ...
Quick apply
Security GRC Specialist
Toronto, ON · On-site
Risk Management * Conduct risk assessments of IT infrastructure, applications, third parties, and critical processes to identify, assess and report on technology and cybersecurity risks * Track and ...
Cyber Security Risk Management information
See Toronto, ON salary details
$26.7K - $39.1K
2% of jobs
$39.1K - $51.5K
3% of jobs
$51.5K - $63.9K
2% of jobs
$63.9K - $76.3K
5% of jobs
$76.3K - $88.8K
5% of jobs
$94K is the 25th percentile. Wages below this are outliers.
$88.8K - $101.2K
17% of jobs
The median wage is $113.2K / yr.
$101.2K - $113.6K
16% of jobs
$113.6K - $126K
17% of jobs
$131.6K is the 75th percentile. Wages above this are outliers.
$126K - $138.4K
17% of jobs
$138.4K - $150.8K
11% of jobs
$150.8K - $163.2K
5% of jobs
$26.7K
$112.6K
$163.2K
How much do cyber security risk management jobs pay per year?
What are the key skills and qualifications needed to thrive as a Cyber Security Risk Management professional, and why are they important?
What is cyber security risk management?
What is the difference between Cyber Security Risk Management vs Cyber Security Analyst?
| Aspect | Cyber Security Risk Management | Cyber Security Analyst |
|---|---|---|
| Certifications | CompTIA Security+, CISSP, CISM | CompTIA Security+, CEH, CISSP (preferred) |
| Work Environment | Policy development, risk assessment, strategic planning | Monitoring security systems, incident response, vulnerability analysis |
| Employer & Industry Usage | Organizations focusing on risk mitigation and compliance | Organizations implementing and maintaining security measures |
Cyber Security Risk Management professionals focus on identifying, assessing, and mitigating security risks at an organizational level, often involved in policy and strategy. Cyber Security Analysts primarily monitor security systems, analyze threats, and respond to incidents. While both roles require similar certifications and work within the same industry, their core responsibilities differ: risk managers develop strategies, whereas analysts execute security measures and respond to threats.
What does a cyber risk manager do?
What are some typical challenges faced by professionals in Cyber Security Risk Management, and how can they be addressed?
Can you make $500,000 a year in cyber security?
Can I make $200,000 a year in cyber security?
Is security risk management a good career?
Other
Medical, Life, Retirement
Re-posted 15 days ago
Alstom rating
7.5
Based on 49 frontline employees who took The Breakroom Quiz
225th of 430 rated machine equipment manufacturers
Job description
Req ID:479868
At Alstom, we understand transport networks and what moves people. From high-speed trains, metros, monorails, and trams, to turnkey systems, services, infrastructure, signalling and digital mobility, we offer our diverse customers the broadest portfolio in the industry. Every day, more than 80 000 colleagues lead the way to greener and smarter mobility worldwide, connecting cities as we reduce carbon and replace cars.
Could you be the full-time hybrid Project Program Cybersecurity Manager in Toronto, ON, CA we're looking for?
Your future role
Take on a new challenge and apply your cybersecurity and engineering expertise in a new cutting-edge field. You'll work alongside innovative and collaborative teammates. You'll play a key role in shaping the cybersecurity framework of critical transportation systems, ensuring safety and resilience in a rapidly evolving industry. Day-to-day, you'll work closely with teams across the business (engineering, project management, and external auditors), manage cybersecurity risks and vulnerabilities, and much more.
We'll look to you for:
- Analyzing Program security needs (including laws and regulations), determining security objectives and main security risks strategy
- Planning security activities within development life cycle, estimating costs and duration, their impacts related to program execution, Identifying training needs
- Responsible for Cost / Quality / Delay of Program Cybersecurity deliverables, as needed per Project / program context :
- Cybersecurity context, and Cybersecurity Risk Analysis
- Cybersecurity Architecture definition and requirement allocation
- Cascading of requirement to suppliers, Manage Third Parties Risks,
- Application of Cybersecurity Assurance Level
- Definition of Cybersecurity Operating Procedures
- Evaluation of the Project/Program achieved Cybersecurity level
- Providing support during technical design meetings for cybersecurity activities
- Obtaining agreement from Program/Customer about on the set of security measures to be implemented
- Managing vulnerabilities and Cybersecurity issues and actions plan,
- Managing Program Cybersecurity related communication,
- Reporting on Program Cybersecurity status
- In case of external Cybersecurity audit, managing the relationship with auditors Establish lessons learned
- Promoting the Alstom Code of Ethics and adhering to the highest standards of ethical conduct
Performance measurements
- No "NO GO" for Cybersecurity reasons in Gate Reviews
- Quality of Cybersecurity deliverables, in time
- Achievement of Program targeted level of Cybersecurity
- Assessment findings: Low rework due to external or internal assessments
- Vulnerability management is in place
- Respect of Cybersecurity activities QCD commitment
- Cybersecurity issues/incident resolution
All about you
We value passion and attitude over experience. That's why we don't expect you to have every single skill. Instead, we've listed some that we think will help you succeed and grow in this role:
- Experience with direct responsibility for hands on architecture, design, development (mandatory)
- Experience related to Cybersecurity in general, deployment experience of security technologies (mandatory)
- Experience with Project Management (mandatory)
- 8+ years of proven experience delivering safety critical systems (mandatory)
- 3-5 years of experience using standards including IEC-62443, CLC/TC 50701, APTA and other standards (mandatory)
- Experience performing cybersecurity analysis on Industrial Control Systems (mandatory)
- Experience with conducting cyber certification for Industrial Control Systems in a lead role (mandatory)
- Experience in embedded or OT/ Industrial systems (railway/aeronautics)
- P.Eng certified
- Experience performing cybersecurity analysis on passenger rail systems
- Experience with conducting cyber certification for rapid transit systems in a lead role
Competencies & Skills
- Engineering Background
- Knowledge of main Cybersecurity standards and regulations, such as: ISO 2700X, 62443, NIST, APTA
- Knowledge of some Cybersecurity solutions and areas
- Methods of Cybersecurity risk analysis
- Architecture concepts and techniques of systems and networks, operating systems and associated programming languages.
- Knowledge of the main techniques for evaluating systems security
- Certification in cybersecurity like CISSP/CISM/CEH/GICSP/CompTIA Security+
Things you'll enjoy
Join us on a life-long transformative journey - the rail industry is here to stay, so you can grow and develop new skills and experiences throughout your career. You'll also:
- Collaborate with transverse teams and helpful colleagues ,
- Work with cutting-edge cybersecurity standards and technologies to secure critical transportation systems,
- Utilise our inclusive, innovative, and forward-thinking working environment,
- Contribute to innovative projects,
- Benefit from our investment in your development, through award-winning learning,
- Benefit from a fair and dynamic reward package that recognises your performance and potential, plus comprehensive and competitive social coverage (life, medical, pension)
You don't need to be a train enthusiast to thrive with us. We guarantee that when you step onto one of our trains with your friends or family, you'll be proud. If you're up for the challenge, we'd love to hear from you!
Important to note
As a global business, we're an equal-opportunity employer that celebrates diversity across the 63 countries we operate in. We're committed to creating an inclusive workplace for everyone.