One of North America's most recognized and respected brands, voted one of the best companies to work for in Canada, is looking for someone to assist in their continued, large-scale business and technology transformation initiatives.
What's in it for you?
Join a team in expansion mode. Be at the forefront of transformation in a Fortune 500 firm looking to take advantage of IoT, Big Data, Cloud, and Mobile platforms. Greenfield opportunity: a chance to build, influence and design, to make the job your own, in a company that has great people and believes in work/life balance.
Responsibilities
- Provide Security Advisory & Consultation services for product/service acquisition, solution design, implementation and management of major IT systems, projects, initiatives, M&A, new product development.
- Review and interpret requirements documentation, architecture diagrams and solution designs to help determine the feasibility of a project and its security risk.
- Lead the cybersecurity risk and control design reviews for application, process, operations and overall enterprise initiatives.
- Perform thorough and timely security reviews on applications, systems, processes and solution integrations, including cloud-based solutions and vendor services.
- Perform Third Party Supplier Assurance and Risk Assessments.
- Participate in the ongoing maturity of the risk assessment process.
- Must understand risk-based approach, balancing business needs against potential risk and provide risk treatment strategies and facilitate remediation tasks.
- Define, develop, implement and manage Security Policies, Standards & Procedures.
- Work with various stakeholders and project teams to ensure the design and implementation of security architecture and technologies for optimal threat protection, monitoring and incident response.
- Develop on-going technology risk reporting, monitoring key trends and defining security metrics to measure control effectiveness, compliance and continuous improvement.
- Monitor and advise on cyber security compliance related to IT to ensure internal security controls are functioning appropriately.
- Advise the organization about emerging cyber security threats, technologies and related regulatory requirements.
- A bachelor's degree in Computer Science, Computer Engineering or equivalent.
- 7+ years in a Cyber Security consultative role, preferably within a large/multi-national organization.
- Security certification of one or more of the following: CISSP, CISA, CISM
- Strong experience with Risk Assessments
- Wide-ranging technical security experience, including application security etc.
- Experience in assessing third party service providers.
- Experience with enterprise security platforms and architectural design.
- Familiarity with latest security vulnerabilities, advisories, incidents, penetration techniques, attack vectors, and countermeasures.
- Strong understanding of cyber security concepts, protocols, industry best practices, strategies, frameworks and regulations such as International Standards Organization (ISO) 2700x, NIST Cybersecurity Framework, Payment Card Industry Data Security Standard (PCI DSS), Sarbanes-Oxley (SOX).
- Understanding of the Software Development Life Cycle and Development Operations (DevOps) principles an asset.
- Experience working in Agile Framework a definite asset.