Type of Qualifications:
▪ Strong written/verbal communication skills (English / French) an asset.
▪ Strong organizational proficiency, able to demonstrate rigor and thoroughness
▪ Good communicator with demonstrated ability to pass communicate in a clear and concise manner
▪ Ability to adapt to changing priorities, handle multiple assignments, and adhere to strict
▪ Ability to coordinate actions from several different teams
▪ Strong ethics
Type of Technical Skills Required:
▪ Bachelor of Computer Science degree from an accredited college or university, or equivalent work experience.
▪ Minimum 5 years of professional work experience, including a minimum of 3 years in an Information Security, IT Governance, IT Audit or Risk Management role
▪ Subject matter expert in Microsoft Excel and PowerPoint
▪ SOC, NIST, Cobit, ITIL, ISO27001 knowledge.
During our 3 months of training and onboarding period, you will work with our core team in Montreal, Canada to gain a full-service understanding with the knowledge required for successful services development. All expenses will be covered.
▪ Ensure that the Information Security risk tracking and management program is followed in regard to monitoring of risks in the environment, reporting on the risks & escalation to senior management
▪ Own, manage and improve the Information Security Risk Tracking process
▪ Conduct meetings with business technology officers as well as department heads to enforce team to team and intra—team cybersecurity risk-based communication
▪ Ensure alignment with the regulatory requirements and internal requirements for the
management of IT and Information Security risks (Cobit, ITIL)
▪ Ensure all requirements requested by regulatory examiners (PCIS, SOC, ISO27001) during exams are executed for example evidence collection, evidence narratives, PowerPoint presentations, etc.
▪ Perform risk-based or control-based assessment (RCSA, CIS20, Control Campaigns, NIST Maturity, Records Management, etc.)
▪ Assist in the management of Internal Audit recommendations assigned to the Information
Security department for tracking, following up and reporting
▪ Provide regular reporting, and ad-hoc escalation, for any of the CyberSecurity Risk teams