Senior Risk & Compliance Specialist
LanceSoft
Toronto
On-site
CAD 90,000 - 130,000
Full time
Job summary
A leading company is looking for a Risk/Compliance Specialist for a 133-day contract in Toronto. The ideal candidate will possess over 7 years of experience in information security, with a focus on governance, risk management, and compliance. You will lead vendor assessments, develop security policies, and ensure adherence to industry standards. This position requires excellent communication and interpersonal skills to engage with diverse stakeholders in a fast-paced environment.
Qualifications
- 7+ years of experience in information security, focusing on governance and compliance.
- Expertise in cybersecurity risk management and third-party assessments.
- Proficient in industry standards such as PCI-DSS, NIST, ISO 27001.
Responsibilities
- Lead security and vendor risk assessments, developing mitigation strategies.
- Collaborate on cybersecurity requirements for new solutions.
- Develop security governance artifacts and compliance processes.
Skills
Communication
Interpersonal skills
Presentation skills
Security governance
Risk management
Compliance knowledge
Time management
Self-motivation
Cybersecurity awareness training
Tools
ServiceNow
OneTrust
Audit Board
Microsoft Office
Position: Risk/Compliance Specialist
Location: Toronto, ON ()
Duration: 133 Days Contract + Possible Extension
Experience/skills required:
- A minimum of seven (7+) years of experience in information security, including working with large security projects
- Strong communication, interpersonal and presentation skills for engaging with diverse stakeholders
- Expertise in security governance, risk management, and compliance, including developing road maps, policies, standards, procedures and processes
- Proven experience in contractual security requirements and third-party risk management through RFP processes and vendor evaluations throughout procurement life cycle
- Ability to work in cross-functional teams, communicating complex technical information to all levels of the organization, including the leadership team
- Proficient in cybersecurity risk management and third-party risk management tools (e.g., ServiceNow, OneTrust, Audit Board).
- Experience with development of security processes, procedures and standards documentation
- Strong knowledge of industry standards and regulations such as PCI-DSS, NIST, ISO 27001 and the ability to ensure compliance
- Strong time management skills and the ability to prioritize project work and ongoing responsibilities
- Self-motivated with the ability to work independently in a fast-paced environment
- Proficiency with standard Microsoft Office tools such as Word, Excel, PowerPoint, PowerBI and Visio
Must Have Requirements:
- 7+ Leading security and vendor risk assessments, identifying risks and gaps, and developing mitigation strategies for third-party vendors.
- 7+ Collaborate with internal teams and vendors to develop cybersecurity requirements for new solutions
- 7+ Develop the security process, procedure, governance artifacts and security controls within the Cybersecurity Risk Management and Governance/Compliance Programs.
- 7+ years experience in contract negotiation with procurement and legal teams through RFP processes and vendor evaluations throughout procurement life cycle
- 7+ years experience knowledge of industry standards and regulations such as PCI-DSS, NIST, ISO 27001
- 7+ years experience with cybersecurity risk management and third-party risk management tools – ServiceNow and OneTrust
- 7+ years experience facilitating cybersecurity awareness training