Information Security Specialist

• Reason for request / why opened : Replacement
• Interaction with Stakeholders : 70%
• Project Scope : BAU
• Team Size : 25 ppl
• Selling Points of Position : Working within a leading FI organization
• No preferred

Summary of day to day responsibilities :

• About the role : We are looking for someone to lead and execute third party cyber risk assessments of bank’s global suppliers.
• The assessor will provide specialized expertise and guidance on assessing risks, identifying potential gaps and providing security solutions to mitigate risks and protect client.
• The assessor may also participate in department initiatives of moderate to high complexity and provide complex reporting, analysis, and assessments at the functional, business line or enterprise level.
• Coordinate with key risk stakeholders to initiate, scope and plan third party cyber risk assessments of new and existing suppliers of all risk levels.
• Lead or contribute to the completion of third-party cyber risk assessments at the business application, portfolio, or overall enterprise level.,
• Communicate the cyber risk assessment results to internal and external stakeholders.
• Coordinate with risk stakeholders to identify appropriate risk mitigation and remediation plans. Perform validation of the risk mitigation and remediation plans upon implementation.
• Complete assessments in accordance with internal procedures and standards, industry frameworks and best practices.
• Guide partners on a broad range of specific Technology Controls and Information Security programs, policies, standards and incidents.
• Contribute to the definition, development, and oversight of a global third-party cyber security management strategy and framework.
• Adhere to internal policies and procedures, technology control standards, and applicable regulatory guidelines.
• Contribute to the review of internal processes and activities and assist in identifying potential opportunities for improvement.
• Influence behavior to reduce risk and foster a strong technology risk management culture throughout the enterprise.

Must haves :

• 3+ years of third party cyber risk assessment / assessor experience.
• Expert knowledge of IT security and risk disciplines and practices.
• Advanced knowledge of organization, technology controls, security and risk issues.
• Demonstrated ability to participate in complex, comprehensive or large projects and initiatives.
• Ability to serve as a lead expert resource in technology controls and information security for project teams, the business, organization and outside vendors.

Nice To Have :

• Information Security Certification / Accreditation is an asset.

13284

Contract

7 Months

Toronto

J-18808-Ljbffr

Information Security Specialist • Toronto, ON, Canada