Security Compliance Specialist Jobs in Town of Caledon, Ontario

• Strong leadership, negotiation, and conflict management skills

• Maintain organizations Security Risk Register for effective risk management and operational compliance functions.

• Manage the Security organization, hiring, managing and staffing requirements in line with project objectives

o Security Incident and Event Management (SIEM)

o Privileged Access Management (PAM)

CERTIFICATIONS, LICENSES, REGISTRATIONS, SPECIAL SKILLS

Proven experience in security compliance, risk management, and personnel management within a corporate or organizational setting.

Experience in managing and coordinating security personnel, including training, scheduling, and performance management.

Maintain records and documentation related to security compliance activities, personnel management, incident reports, and audit findings.

Familiarity with security controls, vulnerability management, incident response, and security awareness programs.

Conduct regular security risk assessments to identify potential threats and vulnerabilities across the organization's infrastructure, systems, processes, and physical premises.

Manage security vendor relationships, including contract negotiation, performance monitoring, and compliance oversight, as applicable.

Proven experience in relationship and stakeholder management.

Assesses security infrastructure, cloud environments, including access management, firewall protection, and vulnerability assessment and testing and makes recommendations for improvement.

Provides reports to executive management and other stakeholders on IT and security matters,

Coaches and develops team members on risk management.

Post-secondary education in IT or a suitable combination of education and experience.

Exposure with various security tools and methodologies, including network security, vulnerability management, vulnerability & penetration assessments, anti-malware, and endpoint security management.

Qualifications (Experience, Knowledge & Skills Required):

· Strong interpersonal skills, effectively liaise with team members, managers and senior leaders

· Solid knowledge of Microsoft Office skills (Word, PowerPoint, Excel, and Outlook)

· 2-3 years of experience in a related role or transferrable experience

· Experience with automotive systems and components considered an asset

· Excellent verbal and written communication skills

Recruitment, training, development, and performance management.

Provide information to management on budget needs and monitor expenditures.

Leadership skills acquired through experience supervising staff or leading work teams, preferably in a unionized environment.

recruitment, training, development, and performance management.

Support the activities of the Manager of Corporate and Community Safety.

Provide weekly work plans and updates to the Manager of Corporate and Community Safety.

Good interpersonal, leadership and relationship-building skills to deal with senior levels of management, service providers and local and remote business partners

10+ years of experience working in information security controls, information technology audit, or security risk management.

Deep technical knowledge with Cloud Computing Environments, Cloud technology management and procedures, supporting application systems and base infrastructure platforms

Establish and lead all aspects of department procedures, documentation, and training to align with records management policies

Establish and develop GDT's compliance & risk management practices

Collaborate on Global G&C and 2nd line Risk Management partners on key initiatives

• Bachelor's degree and accredited compliance management certification.

• 5 years in Information Security, Cybersecurity, Information Assurance, Risk Management, or equivalent work experience

• Communicating compliance policies and guidelines to Management and designated departments.

• In-depth knowledge of industry compliance requirements and standards.

• Proficiency in compliance management software, like Paradigm 3 and Intellect Compliance.

• Information Security Management Systems (ISO 27001 preferred)

Provide organizational leadership and guidelines to promote the development and exploitation of specialist knowledge in IT Risk Management

Develop and maintain global Risk Management framework, process, and risk register monitoring program.

Full accountability and program ownership for global cybersecurity awareness, strategic program definition and execution, vendor/contractor procurement and team management.

Management of all content created and presented, metrics collecting, data analysis, continuous program improvement.

Responsible for leading, developing, and executing the Information Management Security Systems (ISMS) program

Ensure that program is being managed to realize business benefits

Excellent interpersonal, leadership and relationship-building skills to deal with senior levels of management, service providers and local and remote business partners

10+ years of experience working in information security controls, information technology audit, or security risk management.

Supervise deployment of strong identity and access management (IDAM) controls across applications and computing environments

Exposure with various security tools and methodologies, including network security, vulnerability management, vulnerability & penetration assessments, anti-malware, and endpoint security management.

Manages ongoing and new third-party assessments of security and compliance.

Develop, test, and implement new cybersecurity-managed services and then train other IT staff to operationally support the solution(s)

Excellent interpersonal, leadership and relationship-building skills to deal with senior levels of management, service providers and local and remote business partners

10+ years of experience working in information security controls, information technology audit, or security risk management.

Supervise deployment of strong identity and access management (IDAM) controls across applications and computing environments

Exposure with various security tools and methodologies, including network security, vulnerability management, vulnerability & penetration assessments, anti-malware, and endpoint security management.

Manages ongoing and new third-party assessments of security and compliance.

Develop, test, and implement new cybersecurity-managed services and then train other IT staff to operationally support the solution(s)

Experience and knowledge in endpoint management and MDM Solutions (SCCM/MECM, InTune, Mosyle, Jamf, AirWatch, Blackberry BES etc).

In-depth knowledge and experience with Windows OS 10/11, MacOS (ver. 11 or later), IOS and Android OS.

Maintain Endpoint Management systems for managing and configuring laptops, MacBooks, desktops and mobile phones.

Deployment and management of Microsoft 365 Security and Compliance functions.

Minimum 8 years of experience in Systems Administration.

Minimum 5 years of experience in supporting and trouble-shooting endpoint issues in an enterprise setting.

Demonstrated knowledge of project management principles, ability to manage multiple projects simultaneously to meet tight deadlines

Responsible to accurately prepare, document and maintain evidence for internal review, compliance audits, self-certifications or spot checks.

Support the development and implementation of internal review, self-certification and audit processes

Project manage the implementation of new standards or changes to existing standards.

Experience with compliance planning, implementation and measures is considered an asset.

Demonstrated knowledge of the electric power infrastructure, systems (SCADA), bulk power system

- Experience working within risk management and audit

- 3-5+ years of experience working within a technical security background

- Strong communication skills and has the ability to work cross-functionally

- Knowledge of security cloud-based environments such as AWS and Microsoft Azure

- Has worked within compliance previously and understands the foundations of security

- Completed documentation regarding security compliance and protocols

We offer a diverse work environment

Manage Entrust’s automated due diligence portal for Compliance.

1+ years of applicable experience

Understanding of, and experience with, data privacy and/or information security

Friendly, supportive & knowledgeable teams

Futureproof your career with a job in information security

Manage day-to-day compliance activities for the IPC

Professional with a minimum of 3-5 years of relevant experience including a position in a financial institution(s), consulting agency

Good knowledge or understanding of Information Security regulations, frameworks and leading practices (such as NIST, ISO, COBIT, SANS, etc.)

Strong technical skills in supporting IAM applications in Windows, Mac OS X & Linux environments

Align IPC practices to IBM Security & Compliance regime

Periodically conducts risk assessments and tests data processing systems

Paid Education opportunities to ensure our members have the most equipped staff to help them

Effective use of interpersonal and communication skills, including tact and diplomacy

Organizational and planning skills with attention to detail and follow-through

Experience with Resolver or similar compliance software tool an asset, as would industry experience in a federally regulated financial institution.

Diverse and Inclusive Culture that continues to evolve

7% Superannuation matched contribution program

Quantitative Risk Management: Experience implementing quantitative risk methodologies and integrating them into business activities

Manage and administer LMS environment, Oversee cybersecurity awareness and other associated training to maintain compliance.

Prior experience with GRC, LMS, VMS(what is this)? tools and platforms is required.

Understanding and experience of handling audits of cybersecurity risk and governance standards, with NIST, ISO27001, SOC1/2 and PCI/DSS experience is mandatory

Good analytical abilities to prepare reports and assessments.

Experience in identifying and performing data classification with the intent to ensure appropriate control and authorization are present.

· Implement and maintain security controls and technologies to protect against threats and vulnerabilities

· At least 3 years of experience in security within the technology industry

· Experience with security frameworks and regulations such as ISO 27001, NIST, HIPAA, and GDPR

· Excellent communication and leadership skills

· Relevant security certifications such as CISSP, CISM, or CISA are a plus

Some of our benefits you can expect

Project Management skills and task coordination experience

Excellent relationship management, interpersonal skills, and ability to partner with cross functional teams

Manage NERC CIP self-certifications on behalf of the organization

Monitoring, reporting and management of the Operations Compliance program and its standards, systems, processes, and team members

Manage NERC CIP regulator information requests on behalf of the organization

Manage noncompliance reporting on behalf of the organization, including mitigation plan developments for recommendations

Conduct needs analysis to assess requirements of staff and management awareness and education regarding program security.

Conduct needs analysis to assess requirements of staff and management awareness and education regarding corporate security and asset protection.

Sound knowledge and experience with various management systems (SAP), controls, policies, procedures, data and business processes and agreements governing Company's activities.

Prepare and issue detailed reports and making recommendations on behalf of management.

Attend on behalf of management meetings/arbitrations/grievances that may result as an outcome of investigations.

Report on results of risk assessments with conclusions and recommendations for improvement, planned management actions and follow-up status.

Demonstrated organizational, project management and documentation skills

Prepare metrics and reports for management on the status of GRC objectives

Engage with management to identify possible resolutions to control weaknesses and opportunities for improvement.

Experience in a remote-first and distributed environment

Represent the GRC Team by participating directly with projects and provide guidance, requirements and documentation for security-related purposes when requested

Assist with developing configuration monitoring capabilities for SaaS and IaaS platforms

- 3+ years of experience in a Compliance/Security Analyst role

- 3+ years of experience working at a large organization, ideally within the Consulting or Banking space

- Experience with AWS Cloud Services, AWS Security Hub, CyberArk, or Wiz

- Experience gathering key performance indicators (KPIs) and key risk indicators (KRIs) to generate reports to illustrate

- Strong knowledge of O365

- Provide periodic feedback as the new cloud services are added for use in BMO

● Exceptional relationship management, conflict resolution, and negotiation skills

● Focus on contract management processes and identification of improvement areas

Experiences and skills you’ll use to solve

Responsibilities include but are not limited to:

Position Tile: Contract Compliance, Senior Associate

Purpose-led work you’ll be part of