Requirements:

• Support application teams by reviewing the security policy requirements against the current status and advising on how to implement the missing policy requirements within the pre-established framework.
• Add value by providing alternative solutions and counter measures to address identified security risks.
• Assist application teams and Business users to document any open risks according to the Information Security Risk Management (ISRM) framework.
• Support Information Security Officer (ISO) in managing the day-to-day information security tasks
• Review and update the security KPI's status to ensure that risks are within the established thresholds.
• Work in close collaboration with the Application Teams, Suppliers, & Global Cyber Security teams.
• Identify, make, and maintain working relationships across the business lines and support teams.

Skills:

• Bachelor's Degree (accredited school) or equivalent with emphasis in computer/information science, IT, or cyber security
• 4+ years of experience in IT security governance risk & control (GRC) functions.
• A good overall knowledge of common IT Security functions of an organization is required.
• Knowledge in creating and managing security KPI's
• Good knowledge in risk management methodologies and frameworks.
• Well versatile using MS Outlook, Project, & Office productivity tools/software.
• Excellent communicator, able to engage and effectively respond to diverse stakeholders.
• Able to schedule multiple tasks, facilitate discussions with Business users, and help decision-making.
• One or more of the following security certificates is required: CISSP, CRISC, CISA, CISM or similar

Location: Greater Toronto Area/Mississauga, as this is a hybrid role