Senior IT Security Consultant

ISG Search Inc - Toronto, ON (30+ days ago)


Our client

One of North America's most recognized and respected brands, voted one of the best companies to work for in Canada, is looking for someone to assist in their continued, large-scale business and technology transformation initiatives.

What's in it for you?

Join a team in expansion mode. Be at the forefront of transformation in a Fortune 500 firm looking to take advantage of IoT, Big Data, Cloud, and Mobile platforms. Greenfield opportunity: a chance to build, influence and design, and to make the job your own, in a company that has great people and believes in work/life balance.


Be a subject matter expert in cyber security and help in stakeholder management by maintaining strong relationships with external/Internal Audit, Risk & Compliance, Privacy, IT Infrastructure and Operational Business Units.
Provide overall strategic and tactical cybersecurity leadership to IT teams and business users in major project initiatives and new product development.
Provide consultation service on the acquisition, design, implementation and management of major IT systems, projects, initiatives, M&A etc.
Lead the cybersecurity risk and control design assessments for application, process, operation and overall enterprise, as well as risk mitigation and remediation plans and remediation strategy.
Perform timely threat risk assessment (TRA) on applications and systems as well as cloud-based solutions and facilitate remediation tasks with other operational teams.
Third Party Supplier Assurance and Risk Assessments.
Define, develop, implement and manage security standards, policies, and procedures that mitigate risk and maximize security, service availability, efficiency and effectiveness.
Work with various stakeholders and project teams to ensure the design and implementation of resilient security architecture and technologies for optimal threat protection, monitoring and incident response.
Monitor and advise on cyber security compliance related to IT to ensure internal security controls are functioning appropriately.
Advise the organization about cyber security threats, technologies and related regulatory requirements.
Develop ongoing technology risk reporting, monitoring key trends and defining security metrics.
Qualifications & Experience

A bachelor's degree in Computer science, Computer Engineering or equivalent.
7+ years in a cyber security consultative role, preferably within a large/multi-national organization.
Security certification of one or more of the following: CISSP, CISA, CISM
Strong technical knowledge ideally in security engineering
Practical knowledge of security risk methodologies and assessment framework.
Demonstrated strong technical writing, problem solving, and communication skills.
Extensive cybersecurity consulting experience for large IT projects.
Experience in assessing third party service providers.
Experience with enterprise security platforms and architectural design.
Familiarity with latest security vulnerabilities, advisories, incidents, penetration techniques, attack vectors, and countermeasures.
Strong understanding of cyber security concepts, protocols, industry best practices, strategies, frameworks and regulations such as International Standards Organization (ISO) 2700x, NIST Cybersecurity Framework, Payment Card Industry Data Security Standard (PCI DSS), Sarbanes-Oxley (SOX).
Understanding of the Software Development Life Cycle and Development Operations (DevOps) principles.