Security Specialist 0145-2212

Job Location

Toronto - Canada

Monthly Salary

Not Disclosed

Vacancy

1 Vacancy

Job Description

HM Note: This hybrid contract role is two (2) days in office. Candidate's resume must include first and last name.

Description
Seeking experienced cybersecurity professionals with practical expertise in Governance, Risk and Compliance (GRC) solutions to optimize our Vendor Risk Management program and perform third-party vendor assessments while aligning with the business objectives.

Experience/skills required:
  • A minimum of seven (7) years of experience in information security, including working with large security projects
  • Strong communication, interpersonal and presentation skills for engaging with diverse stakeholders
  • Expertise in security governance, risk management and compliance, including developing road maps, policies, standards, procedures and processes
  • Proven experience in contractual security requirements and third-party risk management through RFP processes and vendor evaluations throughout the procurement life cycle
  • Ability to work in cross-functional teams, communicating complex technical information to all levels of the organization, including the leadership team
  • Proficient in cybersecurity risk management and third-party risk management tools (e.g. ServiceNow, OneTrust, Audit Board)
  • Experience with development of security processes, procedures and standards documentation
  • Strong knowledge of industry standards and regulations such as PCI DSS, NIST and ISO 27001, and the ability to ensure compliance
  • Strong time management skills and the ability to prioritize project work and ongoing responsibilities
  • Self-motivated, with the ability to work independently in a fast-paced environment
  • Proficiency with standard Microsoft Office tools such as Word, Excel, PowerPoint, Power BI and Visio

Deliverables
  • Lead security and vendor risk assessments, identifying risks and gaps and developing mitigation strategies for third-party vendors.
  • Conduct detailed assessments of third-party vendors' security domains, communicate findings, and prepare regular reports and updates to management and stakeholders.
  • Develop and implement cybersecurity governance frameworks, policies and procedures in collaboration with cross-functional teams.
  • Provide support for audit, compliance and regulatory requests. Precise and thorough documentation and analysis are essential for effective security auditing and compliance efforts.
  • Collaborate with internal teams and vendors to develop cybersecurity requirements for new solutions, ensuring alignment with security policies and standards.
  • Work with other team members to develop and align with cybersecurity requirements for solutions as required
  • Work with project teams to recommend and implement security controls to address identified risks.
  • Work with Enterprise Architecture, Solution Delivery, Security and Operations teams as part of a large program/project team to ensure security solutions meet security compliance and security policies and standards
  • Identify requirements for policies and standards and work with relevant teams in creation, development, review and approval
  • Act as a cybersecurity resource for new and upcoming project-based detail work
  • Work with project teams to identify and recommend security controls to remediate security risks and issues
  • Ongoing compliance work related to regulatory requirements and/or compliance to Metrolinx standards
  • Develop the security process, procedure, governance artifacts and security controls within the Cybersecurity Risk Management and Governance/Compliance Programs.
  • Assist with security audits and threat/risk assessments to ensure compliance with security policies, standards and procedures, and work with business/technical/operational areas in taking corrective actions on any identified security exposures
  • Provide advice, risk assessment, recommendations and technical assistance in implementing security controls for projects
  • Communicate regularly with cybersecurity teams, internal stakeholders, project teams and representatives from various functional teams, including escalating any matters to senior team members that require additional analysis
  • Support the implementation of security principles, policies and standards to align with industry best practices, ensuring security controls are integrated into system development, deployment and operation

Additional Terms
Education:
  • A current security designation (CISSP, CISM, CCSP or CISA)

Must Haves:
  • 7 years' experience in information security, including working with large security projects
  • Proven experience in contractual security requirements and third-party risk management through RFP processes and vendor evaluations throughout the procurement life cycle
  • Proficient in cybersecurity risk management and third-party risk management tools (e.g. ServiceNow, OneTrust, Audit Board)
  • Strong knowledge of industry standards and regulations such as PCI DSS, NIST and ISO 27001, and the ability to ensure compliance

Employment Type

Full Time
