Senior Specialist, Information Security (Pci)

Req Id: 415889

At Bell, we do more than build world-class networks, develop innovative services and create original multiplatform media content – we advance how Canadians connect with each other and the world.

If you're ready to bring game-changing ideas to life and join a community that values, professional growth and employee wellness, we want you on the Bell team.

Corporate Services is at the centre of the action, providing the support that enables Bell's industry leadership. Our Corporate Security & Responsibility, Communications, Human Resources, Procurement & Value Creation and Real Estate teams work collaboratively to drive our corporate strategy forward.

The Corporate Information Security team is hiring a Senior Specialist, Cyber Security reporting to the Senior Manager, Information Security. The Specialist is accountable to support the risk management and compliance programs at Bell, its subsidiaries and key suppliers.

In addition, the Specialist, will support Bell's Payment Card Industry Centre of Excellence governed by the PCI Data Security Standard (PCI DSS).

• Plan and conduct PCI Self-assessments individually, including PCI environment scoping, participate in governance reviews, and conduct onsite assessment activities
• Develop and complete program and status reporting, and complete other reports as necessary including Attestations of Compliance (AOC's) and other PCI Self-assessment questionnaires
• Conduct PCI Assessments based on the newest version of the standard Version 4.0
• Lead meetings, chair conference calls, action follow-ups, and proactively interact with the various Business Units to move projects forward to ultimate completion within required timeframes.
• Support and maintain the Security Directive on Payment Card Industry Compliance, and ensure that it meets the most current requirements of the PCI DSS, aligns with industry best practices, other internal requirements, and remains consistent with Bell's risk tolerance
• Support consistent operational implementation of the Directive and PCI DSS compliance across Bell Business Units where applicable, and its key vendors who process credit card transactions on Bell's behalf
• Inform, train and/or support Business Units to appropriately identify, assess, measure and manage PCI DSS risk across portfolios
• Partner and build relationships with various stakeholders responsible for implementing controls and be seen as the PCI DSS resource at Bell
• Partner and build relationships with Security Architecture & Information Security Project Management resources responsible to design security systems and processes, including PCI DSS controls and processes
• Provide reporting to Management on anticipated compliance issues as they relate to PCI DSS, program risks, assumptions, issues and dependencies, and potential program enhancements
• Support, develop and/or sponsor any tools and technologies used in the PCI DSS Centre of Excellence program
• Ensure the efficiency and effectiveness of the PCI DSS processes, through regular review and reporting, understanding of good practice at other organizations, thought leadership and ongoing continuous improvement
• Assist the various team to ensure the remediation of vulnerabilities from internal as well as external scans are manage according the PCI DSS requirements
• Perform all of the above as they relate to Bell's affiliates and subsidiaries

• Possesses a Payment Card Industry Professional (PCIP), Internal Security Assessor (ISA) or a Qualify Security Assessor (QSA) certification
• Possesses a Project Management Professional (PMP) certification.
• Knowledge of PCI DSS requirements both version 3.2.1 and version 4 and Information Security standard such as NIST framework, ISO 27001/2, ISF, CMMC, CIS CSC
• Professional Information Security Certification CISSP / CISA / CIA or similar
• Good understanding of Unix, Linux, Windows operating systems and databases
• Good understanding of networking systems configurations, including firewalls
• Good understanding of application architecture, software development lifecycle processes, including secure coding techniques
• Good understanding of server and infrastructure virtualization technologies, and cloud implementations across AWS, Azure, GCP
• Knowledge of Information Security concepts, including: Tokenization, Cloud technology, Risk Assessments, Vulnerability Scanning, Penetration Testing, Systems hardening, Physical security, Data encryption, File integrity monitoring, and log and monitoring

• Qualify Security Assessor (QSA) preferred, Payment Card Industry Professional (PCIP), Internal Security Assessor (ISA) certification may be considered.
• University degree / diploma in Computer Science or a field related to IT, IT Security or Information Technology, or a solid combination of education and experience
• 3+ years of Cyber/Information Security experience
• Experience in assessing complex client environments from a technological and security standpoint
• Experience in auditing IT systems is a definite asset
• Relationship management, communication, reporting and presentation skills are critical
• Ability to educate and influence others
• Leadership, organization, and planning ability
• Curious and passionate for continuous learning
• Ability to manage deadlines, priorities and accountabilities
• Ability to communicate through analysis and reporting
• Team player –collaborative, adaptive
• Professionalism, integrity, and respect for confidentiality
• Ability to analyze complex problems and discuss them in a simple, logical and thoughtful manner

#EmployeeReferralProgram

Adequate knowledge of French is required for positions in Quebec.

Additional Information:
Position Type: Management
Job Status: Regular - Full Time
Job Location: Canada : Ontario : Mississauga || Canada : Ontario : Ottawa || Canada : Ontario : Toronto || Canada : Quebec : Montreal
Work Arrangement: Hybrid
Application Deadline: 12/31/2023

For work arrangements that are 'Hybrid', successful candidates must be based in Canada and report to a set Bell office for a minimum of 3 days a week. Recognizing the importance of work-life balance, Bell offers flexibility in work hours based on the business needs.

Please apply directly online to be considered for this role. Applications through email will not be accepted.

At Bell, we don't just accept difference - we celebrate it. We're committed to fostering an inclusive, equitable, and accessible workplace where every team member feels valued, respected, and supported, and has the opportunity to reach their full potential. We welcome and encourage applications from people with disabilities.

Accommodations are available on request for candidates taking part in all aspects of the selection process. For a confidential inquiry, simply email your recruiter directly or [email protected] to make arrangements. If you have questions regarding accessible employment at Bell please email our Diversity & Inclusion Team at [email protected].

Created: Canada , ON , Toronto

Bell, one of Canada's Top 100 Employers.