Cyber Commercial Support & Assurance Consultant

Join our Team and What Well Accomplish Together

We live in and work in a rapidly evolving digital world where cyber security is critical. Protecting information and ensuring the reliability of network and services is paramount. The TELUS Health Chief Security Office (CSO) team strives to always be steps ahead tackling the toughest cyber security challenges head-on with top talent and cutting-edge technology.

The TELUS Health CSO team is committed to providing excellence in securing our internal and customers data and systems ensuring world-class reliability of security networks and systems and improving our overall cyber security posture. We manage our cyber risks and provide industry leading cyber governance assurance and oversight to secure our data.

We partner with industry leaders to meet the cyber security needs of both TELUS Health and our customers to meet the demands of an increasingly complex and ever-changing cyber security landscape. We are passionate about learning and growing as individuals and as a team all of which enables us to thrive in a dynamic fast paced environment.

As part of the TELUS Health Cyber Security Assurance department you will be dedicated to protecting TELUS Health its customers and stakeholders from Cyber security threats you will keep TELUS Health safe and protected by establishing operating and maintaining security controls and processes and providing the department with a clear view of its security posture so that we can make the right risk based decisions to remain a best in class function.

As part of the Cyber Security Assurance department function the purpose of the Cyber Commercial Support team is to support our colleagues within TELUS Health during the sales process and commercial negotiations by reviewing / responding to our clients security schedules questionnaires and other commercially sensitive addition you will conduct security assessments as needed to assure that TELUS Health services solutions and products are designed and implemented as per our security policies and standards

What youll do

Whilst working independently you will be working within a wider group of Cyber Assurance experts you will:

• Carry out contractual security clause reviews of both new and existing customers security requirements
• Review and respond to customer security risk assessments questionnaires Requests for Information (RFIs) and Requests for Proposals (RFPs)
• Assess TELUS platforms and solutions against appropriate cyber security frameworks (as applicable)
• Deliver transparent and auditable outputs to validate compliance against the framework(s) in the form of reports dashboards and standardised templates Take a hands on approach work collaboratively with peers and stakeholders as necessary to assess compliance with appropriate cyber security framework(s) at pace
• Report clearly and concisely on non-conformities and advise on actions required to remediate interacting/collaborating with wider TELUS teams as necessary
• Identify appropriate stakeholders at all levels and build and maintain relationships
• Where necessary ensure risks are raised to the appropriate bodies/authority and ensure appropriate ownership and management
• Under Continuous Service and Process improvement assist in developing repeatable sustainable processes as applicable ensuring process is followed and outputs / knowledge is shared as applicable
• Reinforce TELUS Healths Customers First values in ensuring positive security outcomes for external customers and internal stakeholders
• Provide cyber security technical knowledge and support to business and development operations teams
• Undertake administrative tasks as is necessary to support processes and that underpin the TELUS Health Cyber Assurance methodology

What you bring

• 3 to 4 years of cyber security experience within a dynamic fast paced commercial environment
• 3 to 5 years of demonstrable technical security in IT infrastructure applications and networks ideally in a consultancy or assurance role
• Experience with compliance policies standards and baselines in the privacy and technical security domains
• Strong experience in applying technical security baseline standards from internal and external standards to ensure security through the full product lifecycle of enterprise and consumer products and services
• Demonstrable experience of security controls frameworks such as ISO27001 and the NIST Cybersecurity Framework (CSF)
• Demonstrable experience in assessing systems and evaluating evidence against the control set(s)
• Familiarity and experience of Cloud DevSecOps and Secure by Design architectures and delivery methodologies and processes would be advantageous
• A sound understanding of the fundamental concepts relating to security architectures within Networks Infrastructure and Applications
• Effective oral and written communications skills with an ability to tailor messaging on complex technical issues to a variety of technical and non-technical audiences
• Comfortable undertaking required security clearance processes as applicable
• Flexibility and comfortable with ambiguity and change
• Strong interpersonal and influencing skills to build relationships with stakeholders

Great to haves

• CISSP CISM. ISP IS027001 LI/LA CISA CCSP NIST800-53 or similar
• PIPEDA GDPR
• French and other languages

Advanced knowledge of English is required because you will most of the time interact in English with external parties (clients suppliers candidates external partners etc.); interact in English with internal parties (colleagues internal partners stakeholders etc.); and work with IT tools whose interface is only accessible in English as part of this positions main responsibilities given its national scope