About the role:
Are you interested in joining a dynamic work environment in which carefully crafted training plans feature opportunities for internal promotion, and career training with excellent employee retention? Our client, with a reputation for excellence in research and innovation, coupled with an international outlook, and support for employees, attracts the best researchers and experts from around the world and are growing their team!
As an employee, you will be working in a multicultural environment that fosters diversity, inclusion, respect and appreciation. To encourage you to feel at home, our Client has created a work environment that promotes health and well-being and facilitates a healthy work-life balance.
Our Ottawa-based client currently requires a Bilingual (essential) Information Security Risk and Compliance Specialist to perform the following duties:
• The Information Security Risk and Compliance Specialist is vital role responsible for designing and implementing an overall information security risk and compliance management process.
• The incumbent will manage the process of gathering, analyzing, and assessing the current and future information security and privacy threats.
• Focus on delivering the objectives within the information security strategy as well as enhancing a security program that identifies and addresses security and privacy risks and requirements.
• The incumbent works with various stakeholders to drive the information security agenda, ensuring it meets complex compliance requirements, as well as maintaining, monitoring, and promoting information security best practices.
• Acts as a specialist with a deep knowledge of various security risk management and compliance frameworks and plays an integral role ensuring security controls and requirements are incorporated into all information technology projects and initiatives.
• Focused on prioritizing and optimizing technological investments that facilitate the best user experience.
• University degree in Computer Science or Information Technology or a related field or an equivalent combination of education and experience;
• Bilingual: French and English (spoken and written) – mandatory
• Minimum of 7+ years of information security, IT audit and/or IT Risk Management experience
Expert understanding of NIST and ISO Risk Management Frameworks, ITSG-33, NIST CSF, ISO 27002, COBIT, SOC 2, and other relevant frameworks.
• Experience with cloud security assessments (AWS, Azure, GCP, etc.).
• Experience with risk discovery and assessment, as well as appropriate mitigation and controls.
• Good knowledge of the latest trends in information security and risk management, e.g. evolving technologies, cyber risk mitigation, etc.
• Experience of auditing IT environments, either through an internal or external audit role.
• Broad knowledge of IT architecture and underpinning technologies including but not limited to: identity and access management, cloud hosting providers, database administration.
• Experience designing and supporting large-scale, end-to-end information security systems in a complex, both on-premises and cloud hosted, multi-platform environment;
• Knowledge of security technologies such as various monitoring and log aggregation platforms, penetration testing frameworks, operating systems, vulnerability scanners, and endpoint security solutions;
• Leadership skills, ability to coach and mentor other IT professionals;
• In-depth analytical skills for complex problem solving – identification, diagnosis, resolution;
• Knowledge of the University’s information technology and security policies, procedures and standards would be considered an asset;
• Experience in project management and meeting strict deadlines;
• Good communication skills to interact with team members, support personnel, and provide technical guidance and expertise to clients and management;
• CISSP or CRISC or other information security certifications is an asset;
• Ability to work a flexible schedule including occasional weekends and evenings.
Type of assignment:
Become a part of the Calian team and join over 3,000 professionals working on projects that span Canada, U.S. and international markets. Our capabilities are diverse enabling us to offer professionals career opportunities within business and technology services in health, training, engineering and IT services as well as within the design, manufacturing and maintenance of complex systems to the communications and defence sectors. Founded in 1982, Calian is a Canadian company that is publicly traded on the Toronto Stock Exchange (CGY).Calian values diversity and is an equal opportunity employer. Calian is committed to being responsive to the diverse needs of its members, employees, and others, by striving to prevent and remove systemic barriers. All qualified individuals are encouraged to apply and we welcome applications from women, visible minorities, Indigenous Peoples, persons with disabilities, persons of diverse sexual orientation, gender identity or expression and others who may contribute to diversity of our organization. We thank all applicants for their interest; however, only candidates under consideration will be contacted. We will provide accommodations during the recruitment process upon request.