Information Security Risk Specialist

Toronto - Canada

Monthly Salary: Not Disclosed

Posted on: 30+ days ago

Vacancies: 1 Vacancy

Job Summary

About Us:

At Beanfield were not just building networks were building communities. Were dedicated to investing in our 100% Canadian-based employees 100% Canadian-driven investments and our 100% Canadian operations. Weve spent over 35 years growing a fibre-optic network that connects people and businesses across Toronto Montreal and Vancouver. Beanfield has always challenged the status quo believing that everyone deserves fast and reliable fibre internet.

We are Challengers leading the way disrupting the industry with a startup mentality and a focus on building our own infrastructure.

We are United operating as one team where everyones ideas are valued.

We Care prioritizing the well-being of our employees partners customers and communities. We foster trust communicate openly and focus on our brand and customers.

Come join our team as we continue to connect communities and foster choice by providing fast and reliable fibre Internet to Canadians.

Position Summary:

The Information Security Risk Specialist plays a critical role in safeguarding Beanfields information assets by identifying analyzing and mitigating potential cyber threats. Reporting to the Director of Information Security this role is responsible for overseeing governance risk and compliance (GRC) initiatives managing vulnerabilities monitoring for threats and responding to security incidents. The Information Security Risk Specialist works closely with IT network and security teams to maintain a secure environment ensuring the confidentiality integrity and availability of Beanfields critical information systems.

Key Responsibilities:

Governance Risk & Compliance

Align cybersecurity practices with compliance frameworks (SOC 2 NIST CIS-CSC ISO 27001).
Map security controls to relevant processes and assets using ServiceNow IRM.
Assess control effectiveness identify gaps and recommend corrective actions.
Manage and maintain the organizational risk register.
Provide expertise on risk acceptance mitigation and residual risk.
Support internal and external security audits.
Develop and deliver a security awareness program.

Vulnerability Management

Conduct vulnerability assessments across infrastructure applications and systems.
Partner with IT Network and Software teams to prioritize and remediate vulnerabilities.
Maintain the organizations vulnerability management program.
Track KPIs such as MTTR vulnerability aging and scan coverage.
Analyze vulnerability trends to recommend long-term security improvements.

Security Operations & Continuous Improvement

Support development and implementation of security policies procedures and controls.
Monitor emerging threats and recommend security enhancements.
Contribute to ITIL-based continual improvement initiatives.

Security Reporting & Documentation

Maintain detailed security reports assessments and risk analyses.
Document SOPs incident response plans and security policies.
Provide regular security performance updates to leadership.

Skills & Qualifications:

Required:

Bachelors degree in Cybersecurity Information Technology Computer Science or related field.
Experience in GRC or Information Security with a focus on compliance and risk management.
Knowledge of compliance standards (NIST-CSF CIS Controls SOC 2) and regulatory frameworks.
Hands-on experience with GRC/IRM tools (e.g. ServiceNow Archer LogicManager).
Proficiency in vulnerability assessment tools (e.g. Nessus Qualys Rapid7 OpenVAS).
Strong communication skills to convey complex security concepts to technical and non-technical audiences.
Ability to perform under pressure and adapt to change.

Preferred:

5 years in IT/security roles (Information Security Network Operations Systems Operations Engineering).
Familiarity with SIEM platforms firewalls IDS/IPS and other cybersecurity tools.
Experience with ITIL Incident and Problem Management processes.
Scripting skills (Python PowerShell Bash) for automation.
Experience managing a Security Awareness Training program.
Certifications such as ServiceNow CIS Risk and Compliance CISA CISSP or CISM ITIL v4 Foundations or CompTIA Security

Additional Skills

Required: Availability for on-call rotation and after-hours response when necessary.
Preferred: Project/program management experience.

Whats in it for you

Competitive base salary plus annual bonus based on company and individual performance.
Permanent full-time position.
A comprehensive group insurance plan - medical dental vision care with health and lifestyle spending accounts.
A fantastic parental leave top-up program.

At Beanfield we are proud to be an equal-opportunity employer.

We are committed to fostering a diverse and inclusive workplace where all qualified applicants are considered for employment without regard to race color religion gender gender identity or expression sexual orientation national origin genetics disability age or any other protected status.

Beanfield is dedicated to providing access equal opportunity and reasonable accommodation for individuals with disabilities in all aspects of employment as well as in our services programs and activities. If you require accommodation during the application or interview process please contact us at.

Please note that candidates must be legally eligible to work in Canada at this time. We regret that Beanfield is unable to sponsor employment Visas.

Please note that all communication regarding recruitment and hiring at Beanfield will come exclusively from email addresses ending in@. We urge candidates to be cautious of any unsolicited messages or offers and to remain vigilant against phishing attempts.

Required Experience:

About Us:At Beanfield were not just building networks were building communities. Were dedicated to investing in our 100% Canadian-based employees 100% Canadian-driven investments and our 100% Canadian operations. Weve spent over 35 years growing a fibre-optic network that connects people and busines...