Senior Information Security Advisor (Cybersecurity Risk & Cloud Security) TOR, ON
Job Summary
Senior Information Security Advisor (Cybersecurity Risk & Cloud Security)
Support impactful cybersecurity initiatives within a leading insurance environment where your expertise will help strengthen security practices protect critical business information and influence enterprise-wide projects. Enjoy a hybrid work model collaborate with diverse stakeholders and contribute to meaningful security and risk management initiatives in a dynamic technology-driven setting.
What is in it for you:
Salaried: $50-55 per hour.
Incorporated Business Rate: $60-65 per hour.
Contract with the potential for permanent employment.
Full-time position: 37.50 hours per week.
Day schedule 37.50 hours per week.
Hybrid work model with one day per week in the office.
Responsibilities:
Conduct information security risk assessments for business initiatives applications suppliers and third parties.
Review contracts to ensure appropriate security provisions and requirements are included.
Assess supplier and third-party security risks.
Advise stakeholders on information security best practices.
Ensure security controls implemented within projects and initiatives align with organizational security policies and directives.
Provide security consulting and technical guidance to support the implementation of appropriate security controls that protect confidential information from accidental disclosure modification or destruction.
Review emerging information security strategies.
Provide preliminary recommendations to management regarding information security risks.
Track and manage open information security risks ensuring remediation plans and target dates are established and monitored with the appropriate risk owners.
Report to management on the status of information security risk assessments identified risks policy exception requests and current work activities.
Collaborate with business architecture infrastructure compliance and risk legal privacy and external third-party stakeholders.
What you will need to succeed:
Post-secondary education in Computer Engineering Computer Science Information Technology Information Security and Risk Management or comparable professional education or training in a related field.
Professional information security certification such as CISSP CCSP CISM or CISA is preferred.
7 years of experience in Information Security and/or Information Technology preferably including Information Security Risk Management.
Experience performing information security risk assessments.
Experience performing cloud security risk assessments.
Experience assessing cloud-based (SaaS) technologies including AWS and Azure.
In-depth knowledge of information security and IT principles protocols practices and industry standards.
Strong understanding of existing and emerging information security technologies including encryption network and web application firewalls IDS/IPS advanced malware protection DDoS DLP and SIEM.
Extensive knowledge of attack and threat vectors and the corresponding security controls used to mitigate risk.
Strong understanding of cloud security and cloud-based technologies including AWS and Azure.
Familiarity with contract wording and the interpretation of security clauses.
Excellent verbal communication skills with the ability to interact with executives and negotiate with clients.
Excellent written communication skills with a strong emphasis on report writing.
Ability to work independently with minimal supervision.
Strong strategic thinking negotiation consensus-building and consulting skills.
Ability to influence positive outcomes across stakeholders.
Ability to understand diverse business units and communicate technical concepts in clear plain language.
Ability to obtain Canadian Reliability Security Clearance prior to the start date.
Why Recruit Action
Recruit Action (agency permit: AP-2504511) provides recruitment services through quality support and a personalized approach. As part of the screening process some applications may be reviewed using artificial intelligence tools. Only candidates who meet the hiring criteria will be contacted.
Required Skills: