Security Governance & Risk Advisor

Are you looking for a stimulating and dynamic job in the surrounding area of North York? Would you like to be part of a team that believes in your potential and part of a great company that will help you advance in your career? This is the job for you! We are currently looking for a Security Governance & Risk Advisor for one of our clients in the insurance industry.

What is in it for you:

• Work schedule from 9am – 5pm.
• Full-time (37.50 hours per week).
• Hourly salary of $70.42 to $80.00, based on experience.
• Focus on work-life balance to ensure your wellbeing and productivity (hybrid work arrangement).
• 12-month contract with strong potential for permanent employment.
• Join a passionate and inclusive team of professionals.

Responsibilities:

• Provide the management team with an in-depth analysis of information security trends, the status of identified risks, penetration testing and vulnerability scan results, security incidents, current work activities, and work completed by the department.
• Support timely responses to Information Security regulatory questionnaires and RFIs.
• Provide support to the company Business Groups by conducting security risk assessments, ensuring alignment with security policies and directives with a specific focus on implementation of controls in applications and infrastructure services.
• Facilitation activities for internal audits/external regulatory examinations. Report open issue status and track closure.
• Keep abreast of common security frameworks and related security best practices.
• Support annual security assessment activities, including for NIST and CSA frameworks.
• Collaborate with peers in Security Risk and Crisis Management for continuous improvement to the companys security posture.
• Conduct annual security risk policy and directive review/refresh activities and present changes to management.
• Participate in the company technology review boards and similar processes for the Business Groups to ensure proper technical security controls on systems, applications, and processes.
• Conduct regulatory change assessments for the enterprise. Report control gaps and track action plans to remediate.

What you will need to succeed:

• Self-starter, strategic thinker, negotiator, and consensus builder.
• Strong communication skills, with the ability to interface and negotiate with senior staff.
• University degree or college diploma in Computer Science, engineering, information security management, information technology management, risk management, or comparable professional education/training in a relevant field.
• Sound knowledge of technologies related to Information Security, including encryption, firewalls, intrusion detection/prevention, anti-virus, DDoS, behavioral analysis/advanced malware detection.
• Experience performing risk assessments of cloud-based technologies such as Amazon Web Services (AWS).
• Excellent facilitation and coordination skills and the ability to influence a win-win outcome.
• Professional designation relating to Information Security (e.g., CISSP, CISM, CISA) preferred.
• An understanding of the companys business and the ability to work with diverse groups.
• 5-7 years in an Information Security role, preferably with experience in Information security risk management and security control governance.
• Knowledge of Information Security principles, protocols, practices, and industry standards.
• Advanced writing skills with an emphasis on report writing.

Why Recruit Action?

Recruit Action (agency permit: AP-2000003) provides recruitment services through quality support and a personalized approach to job seekers and businesses. Only candidates who match hiring criteria will be contacted.

# SLFJP00004625