• jobs
  • 1 month ago

jobs description

Functional Accountabilities
• Collaborates with Strategic Procurement for the sourcing exercise and on-boarding of the third-parties for the execution of cyber assurance activities.
• Leads the execution of third-party cyber risk assessments (pre and post contacting, and ongoing monitoring) to ensure compliance with internal information security policies and procedures, as well as external requirements.
• Ensures that cybersecurity clauses are embedded in the agreements with third parties.
• Manage cybersecurity risks, vulnerabilities, and defects from identification to remediation.
• Performs risk assessments, documents them and support the implementation of mitigating controls consistent with company strategy.
• Generate reports to demonstrate cyber assurance metrics and KPI.
• Identify Cyber risks, communicate and develop “best practice” solutions, and recommend mitigating controls consistent with company strategy.
• Introduce new processes, initiatives to improve cyber assurance... practice.
• Represent the organization and take an active participation on different IT business or security airline specific forums.
• Supporting the leadership team on strategic initiatives specific to the respective portfolio.

Years Of Experience Required

6-8 years of IT technology, operations, and people leadership experience in a large company, with a minimum of 4 years of experience in a cyber security and/or risk & compliance role.

Required Skills
• A relevant University degree/technical certification, and/or relevant experience commensurate to the role
• Extensive application security, SDLC and integration understanding.
• Thorough understanding of Application Security Testing, Penetration Test, Tabletop Exercises.
• Current information security certification (CISSP, CISM or equivalent) is an asset.
• Strong knowledge and understanding of cyber security concepts, protocols, industry best practices, strategies, frameworks and regulations such as SOX, PCI DSS, ISO, CoBIT, NIST, PIPEDA, GDPR.
• Exceptional analytical, organizational and communication skills.
• Self-motivated and independent worker.
• Possess investigative nature and be self-motivated.
• Results oriented with proactive and methodical approach to problem solving.
• Able to multi-task and work under pressure against tight deadlines and changing priorities.
• Must be a team player with ability to work closely with diverse groups and working styles.
• Ability to establish and maintain effective business relationships..

Job 69734
Montreal QC


Apply - Senior Cybersecurity Risk Specialist (contract) Montreal