Senior Analyst, Security Governance, Risk and Compliance - Permanent - 18006

LRO Staffing

Toronto

Hybrid

CAD 85,000 - 90,000

Full time

2 days ago

Job summary

A leading Canadian Infrastructure Company seeks a Security Risk Manager to oversee and manage security compliance. The role demands strong expertise in risk assessments, information security governance, and regulatory compliance, focused on maintaining a robust security posture within a hybrid working environment.

Benefits

Professional development and growth opportunities.
Collaborative and supportive team environment.
Opportunity to work with industry leaders.

Qualifications

  • 8+ years of experience in an IT related field.
  • 5+ years in an information security/compliance function or IT audit role.
  • CISM, CISA, CRISC or CISSP certifications are an asset.

Responsibilities

  • Perform security risk assessments and communicate findings.
  • Design and manage a compliance framework with ISO 27001.
  • Prepare reports for senior management and boards.

Skills

Communication
Problem Solving
Analytical Skills
Adaptability

Education

University degree in Computer Science, Information Security or related equivalent

Job description

Our client is building the future, and their people are at the heart of everything they do. Our client is always looking for exceptional talent to work on their exciting and ever-expanding project portfolios. They are focused on being the #1 Canadian Infrastructure Company and the first-choice employer in their industry.

Duties include, but are not limited to:

  • Perform security risk assessments of new or existing services, applications, technologies and vendors. Document and effectively communicate findings to key stakeholders
  • Provide consultative advice to help IS and the business make informed risk management decisions
  • Identify and recommend appropriate controls to address identified security risks and help strengthen security posture
  • Identify opportunities to enhance existing processes for identifying and managing security risk
  • Design, operate and manage a compliance framework with associated controls that align with ISO 27001
  • Maintain existing and develop new information security governance documents, including policies, standards, procedures and guidelines
  • Work with Internal Audit, Legal, Privacy and other key stakeholders to ensure that IS policies, procedures and controls are aligned with all associated requirements
  • Liaise with internal / external auditors, clients and business teams to facilitate audits and / or risk reviews and help to collect the required information. Ensure timely management response to findings and track remediation through to closure
  • Ensure that in-place security controls are working effectively by designing and implementing appropriate KPIs and / or KRIs for reporting
  • Prepare monthly, quarterly and annual reports and / or presentations for various senior management audiences, including steering committees and board of directors
  • Validate appropriate security controls of vendors and other 3rd parties who safeguard the company’s information assets and computer systems by performing contract reviews and security compliance reviews
  • Conduct monthly reviews with security service providers to ensure compliance with service level agreements (SLAs) and other contractual / service requirements
  • Act as a backfill for other security team members, as required

About You

The successful candidate will have the following:

  • A university degree in Computer Science, Information Security or related equivalent is required
  • CISM, CISA, CRISC or CISSP certifications are an asset
  • 8+ years of experience in an IT related field
  • 5+ years in an information security / compliance function or IT audit role
  • 3+ years of experience in information security risk management
  • Significant knowledge of, and experience with, legal and regulatory compliance standards such as GDPR, PCI-DSS, PHIPA, ISO 27001 and / or NIST
  • Significant knowledge of computer networking concepts and protocols and IT security methodologies
  • Ability to adapt to constantly changing technical, regulatory, and compliance environments
  • Results oriented, high energy, and self-motivated
  • Excellent verbal and written communication skills
  • Ability to work in a team-oriented, collaborative environment
  • Strong problem solving and analytical skills
  • Ability to handle multiple competing priorities and meet tight deadlines

About the Job

  • Competitive salary $85,000-$90,000
  • Opportunity to work with industry leaders and innovative technology solutions.
  • Professional development and growth opportunities.
  • A collaborative and supportive team environment.
  • A Hybrid work schedule, 3 days in the office, 2 days at home (Airport area)