Sr Security and Risk Advisor

BQ International Inc
Winnipeg,MB
48,5 $ / heure (estimé)
Temps plein

Description :

Responsible for analyzing and making recommendations pertaining to information security, incident response, policies, standards, and awareness.

The position is expected to keep abreast of emerging technology, security threats, and industry standards, and apply these concepts and techniques within the corporate environment.

Required to perform confidential, sensitive systems reviews and investigations, as well as moderate to complex system analysis and, as required, be available during disaster recovery and disruptions.

DUTIES INCLUDE, but not limited to :

Advisory and Analysis Services

  • Participates in information security architecture and system design development, ensuring that all activities adhere to the corporate information security principles, standards, and processes
  • Assists with the development, maintenance, controls and enforcement of the corporate directives and practices, pertaining to information security.
  • Assists with the development of internal and external communication to educate target audiences regarding information security, and delivers the information to target audiences.
  • Works with various teams to assist with planning and development of controls that manage access to corporate information in a manner which complies with policies and practices.
  • Develops and maintains expertise in one or more areas of security threat and incident.
  • Supports security compliance and remediation initiatives for technology, processes and services to ensure ongoing effectiveness of the information security program, protect the business from unknown exposures and ensure compliance with regulatory and contractual requirements.
  • Coordinates and / or participates in business security threat and risk assessments, and risk control assessments.
  • Measures and communicates the risks and potential mitigation strategies to reduce the risk to an acceptable level.
  • Contributes to business cases for security solutions with a keen focus on risk assessment practices.
  • Participates in ad hoc consulting services to the business to identify information security requirements based on scope and risk.

Research, Incident Management and Investigation

  • Manages major security incidents, and ensures preventative measures are taken to protect the business.
  • Coordinates eradication and mitigation activities with business and IT partners for security incident recovery related to any IT or business application / infrastructure security incident.
  • Works with other departments providing consultation regarding their security concerns.
  • Follows up with technical teams to ensure controls and mitigation strategies are in place and effective.
  • Follows up with technical teams to ensure controls and mitigation strategies are in place and effective.
  • Maintains and administers the information security service requests in alignment with company polices.
  • Develops and / or provides input into reports and presentations with regard to security, as requested.

Research and Project Support

  • Participates in the research and development of security and risk standards and procedures, organizes their adoption, and monitors them for effectiveness.
  • As required, participates on corporate technical projects regarding security-specific components of these projects.
  • Researches and provides consulting expertise to all other staff on security matters in alignment with corporate security policies and standards, and the Information Security Officer recommendations.
  • Education :
  • University degree or a two-year college diploma in Computer Science or similar discipline
  • Completion of one or more of the following Information Security Management professional designations is preferred :
  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Security Manager (CISM)
  • Certified in Risk and Information Systems Control (CRISC)
  • Certified Information Systems Auditor (CISA)
  • Certified Penetration Tester (GPEN)
  • Certified Forensic Analyst (GCFA)Offensive Security Certified Professional (OSCP)
  • Other information security credentials
  • Demonstrated record of related continuing education and certifications in the Information Technology field
  • Experience :
  • Seven years in the IT industry with four years related experience with supporting Information Security issues and controls
  • Technical Knowledge and Skills :
  • Excellent interpersonal and written communication skills
  • Ability to deal with highly confidential matters
  • Strong critical thinking and decision making skills
  • Knowledge of security related policies, procedures, and practices
  • Ability to manage multiple priorities under strict deadlines
  • Demonstrated strong analytical and investigative skills with regard to moderately complex to complex issues.
  • Demonstrated ability to develop and maintain collaborative partnerships
  • Ability to relate to others with all levels of technical competency
  • Strong Understanding of security and control frameworks such as COBIT, ISO 27002, NIST
  • Il y a plus de 30 jours
Emplois reliés
BQ International Inc
Winnipeg, Manitoba

Participates in the research and development of security and risk standards and procedures, organizes their adoption, and monitors them for effectiveness. Researches and provides consulting expertise to all other staff on security matters in alignment with corporate security policies and standards, ...

S.i. Systems
Winnipeg, Manitoba

SMP/E and system utilities, ACF2, RACF, IO Gen (HCD), Assembler Language knowledge and ability to develop, maintain and deploy Assembler code, BMC & IBM Scheduler software, TSO, ISPF, understanding of problem & change, management (eESM experience is an asset), Install and support program products, i...

Jobber
Canada
Télétravail

This role is ideal for entry-to-intermediate level candidates in the security, governance, risk and compliance space. Our Security Analyst, GRC, focuses on the governance side of security and is not a technical security operations position requiring specific technical certifications or experience. D...

S.i. Systems
Winnipeg, Manitoba

Conduct cyber risk assessments on new and existing technical solutions to identify security risks and control gaps. Collaborate with security and technical teams to ensure security requirements and risks, including potential mitigations, are understood. Experience with risk management and security c...

SSRG Scarlet Security & Risk Group
statewide, ON, CAN

Scarlet Security and Risk Group (SSRG) specializes in providing integrated security solutions to customers across Canada. We provide innovative and value-based security solutions to customers in several markets. Shifts are 12 hours long and include both day and night shifts. Valid Standard First Aid...

S.i. Systems
Winnipeg, Manitoba

Security Architect to support the build of a new Data Centre from a security perspective and migration within the Financial Industry. The project aspect involves designing and building a new data center (DC) from a security perspective and migrating services from a legacy DC to the new facility. On ...

Shared Health
Winnipeg, Manitoba

Work assignments within the job may focus on monitoring and responding to security alerts as well as customer reported cybersecurity issues/concerns, supporting Digital Shared Services cybersecurity incident response and vulnerability management practices, ensuring managed security services are depl...

SIX Payment Services
Canada

You possess 5 years of experience as an operational risk, information security, security risk management and/or cybersecurity professional. We craft and operate leading digital payment and transactional solutions that enable sustainable economic growth and reinforce trust and security in our societi...

Offre sponsorisée
World Investigation
Winnipeg, Manitoba

Looking for full-time employment with flexibility to be on the go and not stuck in the office all day?.You might not have ever thought about this line of work but take a look, it has a little of everything.We have been in business for over 53 years and looking for an individual wanting to make this ...

Offre sponsorisée
Guardian Chemicals Inc.
Canada, CA

Our Core Values Seek Understanding – Ask, listen, absorb Growth Mindset – Always looking to develop Initiative – Take the first step, go beyond Grit – Perseverance through determination Courage – Try what scares you, trust those around you, say what matters Elevate Others – Create heroes in those ar...