Cybersecurity Advisor II

Company:

Number of Openings:

Worker Type:

Position Overview:

Job Description:

Major Job Functions:

Cybersecurity Advisory & Risk Support

• Support cybersecurity risk assessments for applications infrastructure and business initiatives.
• Participate in solution and design reviews by providing security input aligned with Finning security standards.
• Identify control gaps and document risk observations with recommended remediation options.
• Assist with threat modeling and security review activities using established templates and processes.

Governance Risk & Compliance

• Support compliance activities aligned to frameworks such as ISO 27001 NIST and internal Finning security standards.
• Assist with evidence collection and control validation activities for audits and assessments.
• Contribute to the maintenance of security policies standards and guidance documentation.
• Track assigned risks and remediation actions in accordance with defined governance processes.

Stakeholder Engagement & Enablement

• Engage with technology and business teams as a security advisor on assigned initiatives.
• Help translate security requirements into clear actionable guidance for stakeholders.
• Participate in project and working sessions to support the integration of security considerations.
• Support awareness and enablement activities related to secure practices and risk management.

Continuous Improvement

• Contribute ideas to improve advisory processes assessment approaches and documentation.
• Stay informed on emerging security risks and industry practices relevant to the role.
• Support the ongoing maturity of Finnings cybersecurity advisory and GRC capabilities.

Mandatory (Must-Have) Skills:

• 46 years of experience in cybersecurity information security IT risk or related IT roles.
• Experience supporting security risk assessments control reviews or compliance activities.
• Working knowledge of common security frameworks (e.g. ISO 27001 NIST CIS).
• General understanding of enterprise technologies (applications cloud identity infrastructure).
• Ability to document risks controls and recommendations clearly using defined templates.
• Experience collaborating with cross-functional technology and business teams.
• Post-secondary education in Information Security IT Computer Science or equivalent experience.

Preferred (Nice-to-Have) Skills:

• Exposure to cybersecurity advisory GRC or audit-support functions.
• Familiarity with cloud and SaaS security concepts.
• Exposure to application security identity and access management or data protection domains.
• Experience supporting internal or external audit activities
• Entry- to mid-level security certifications (e.g. CISSP CISM CRISC ISO 27001).

Soft Skills

• Clear written and verbal communication skills.
• Ability to explain security concepts to both technical and non-technical audiences.
• Strong attention to detail and analytical thinking.
• Practical risk-based problem-solving approach.
• Ability to manage assigned work independently within defined priorities.
• Collaborative and professional stakeholder engagement style.
• Willingness to learn and grow within the cybersecurity discipline.

At Finning we prioritize creating a diverse and inclusive environment. We are proud to be an equal opportunity employer and we actively encourage all individuals to express themselves and achieve their full potential. As a company we continuously strive to enhance our outreach to individuals of all backgrounds and identities. We do notdiscriminate against applicants based on gender identity race national and ethnic origin religion age sexual orientation marital and family status and/or mental or physical Finning is committed to collaborating with and providing reasonable accommodations /adjustments to individuals with disabilities. If you require an adjustment/accommodation at any point during the recruitment process please inform your recruiter.