Security (Functional) Consultant – Governance, Risk & Compliance
Requirements:
- Support application teams by reviewing the security policy requirements against the current status and advising on how to implement the missing policy requirements within the pre-established framework.
- Add value by providing alternative solutions and countermeasures to address identified security risks.
- Assist application teams and Business users to document any open risks according to the Information Security Risk Management (ISRM) framework.
- Support the Information Security Officer (ISO) in managing the day-to-day information security tasks.
- Review and update the status of the security KPIs to ensure that risks are within the established thresholds.
- Work in close collaboration with the Application Teams, Suppliers, & Global Cyber Security teams.
- Identify, build, and maintain working relationships across the business lines and support teams.
Skills:
- Bachelor's Degree (accredited school) or equivalent with emphasis in computer/information science, IT, or cyber security.
- 4+ years of experience in IT security governance, risk & control (GRC) functions.
- A good overall knowledge of common IT Security functions of an organization is required.
- Knowledge of creating and managing security KPIs.
- Good knowledge in risk management methodologies and frameworks.
- Well versed in using MS Outlook, Project, & Office productivity tools/software.
- Excellent communicator, able to engage and effectively respond to diverse stakeholders.
- Able to schedule multiple tasks, facilitate discussions with Business users, and help decision-making.
- One or more of the following security certificates is required: CISSP, CRISC, CISA, CISM or similar.
Location: Greater Toronto Area/Mississauga, as this is a hybrid role