Security Governance, Risk and Compliance Specialist

Posted about 1 month ago

💎 Seniority level: Middle, Minimum 3 years

📍 Location: Canada

🔍 Industry: Supply chain solutions

🏢 Company: Tecsys Inc.

🗣️ Languages: English

⏳ Experience: Minimum 3 years

🪄 Skills: Cybersecurity, Linux, Compliance, Risk Management, SaaS

Requirements:
  • Bachelor’s degree in information systems or equivalent experience.
  • Minimum 3 years of cumulative hands-on experience.
  • Experience in the development and implementation of governance, risk and compliance strategy and security control framework.
  • Experience in risk assessments and cyber risk management methodology/processes.
  • Broad knowledge of defense in depth security concepts and best practices.
  • Good knowledge of cybersecurity frameworks such as NIST, CIS, PCI DSS.
  • Familiarity with business continuity process and planning.
  • Familiarity with IP networking fundamentals and internet protocols.
  • Familiarity with Linux, Mac, and Windows operating systems, mobile devices, and the IT application landscape.
  • Familiarity with public cloud Infrastructure-as-a-Service (IaaS) environments and Software-as-a-Service (SaaS) solutions.
  • Strong proficiency in both written and verbal English communication.
Responsibilities:
  • Support the continuous security risk management framework.
  • Collaborate with technical teams for the development, implementation and monitoring of required corrective action plans relating to security compliance issues or audit deficiencies.
  • Collaborate with stakeholders to define processes, automate and continuously monitor information security controls, exceptions, risks, testing and evidence gathering.
  • Develop reporting metrics and dashboards.
  • Help identify cyber risks and solve various governance gaps and process inefficiencies.
  • Develop, execute and actively partake in internal and external security and compliance assessment initiatives such as SOC 2, PCI-DSS, NIST, FedRAMP.
  • Review and optimize the vendor risk management program.
  • Monitor existing controls and conduct periodic audits and reviews to ensure their efficiency and operating effectiveness.
  • Collaborate with internal IT and business teams to identify cyber risks and prioritize security compliance-related improvements.
  • Support IT and cyber teams on the implementation of controls to meet security and privacy compliance requirements and best practices.
  • Support the development, review, update and optimization of security documentation.