Security Analyst – Governance Resource

1. Candidate must have at least 5 years Demonstrated experience in Cybersecurity Security Governance, Risk and Compliance.

2. Candidate must have at least 5 years Experience with Business Continuity and Disaster Recovery Planning.

3. Candidate must have at least 5 years Experience developing Security polices, standards and guidelines.

4. Candidate must have at least 5 years Experience with Audit and Regulatory monitoring and compliance.

5. Candidate must have at least 5 years Security Certification (examples of but not limited to CISSP, CISM, CISA, ABCP, MBCP).

6. Candidate must be able to work and be located full-time on site at SaskEnergy Head Office in Regina, Monday to Friday, 8 am to 5 pm.

Background

Enterprise Security is responsible for all aspects of security within the organization including cyber, physical and personnel security. We operate with our partners in the SCADA and Automations teams to provide security to the Industrial Control Systems Network along with our partners in Information Systems to secure the corporate IT infrastructure. The Enterprise Security department within Client's continues to expand its scope of practice.

1.2 Description of Requirements

Our clientis seeking a Security Analyst – Governance Resource, with broad security and governance-based backgrounds to join the Enterprise Security team. The preferred resource should have a minimum of 5 years of recent and practical governance experience, and a minimum of 3 years working as part of a security team. The resource will need to show a broad understanding of security principles, practices, and security trends. The proposed resource(s) MUST have experience working in security governance and business continuity, demonstrated experience in governance risk and compliance, experience with regulations and standards, show what experience they have with preparing and maintaining policies and standards, and Security Certification (CISSP, CISM, CISA). Technical experience to coincide with the security governance experience would be considered an asset.

Ideally the resource will have (Relevant Skills and Experience)

1. Experience creating, maintaining and updating a governance framework.

2. Experience working with Information Technology or ICS\SCADA.

3. Conducting Third Party Security Risk Assessments.

4. Complete Security Compliance Reviews and acting on concerns identified.

5. Preparing and maintaining security processes and procedures.

6. Investigating industry standards. Recommending improvements to security policies, processes and procedures.

8. Support Internal and External Audits.

9. Document, define and manage risks and risk exceptions.

10. Demonstrated Experience in Governance, Risk, and Compliance.

11. Change management compliance monitoring and reporting.

12. Ability to work as part of a team as well as independently.

13. Developing and managing Cyber Security awareness and training program.

14. Strong communication and interpersonal skills.

CONTRACT DURATION

The Contract(s) will be effective for an initial term commencing on the date of award and ending on March 31, 2026. The Contract(s) will automatically renew for successive one (1) year terms, a maximum of four (4) times