manager, information security in toronto

job details

location: toronto, ontario
job category: Technologies
job type: permanent
reference number: 2100971PROEN

job description

Our client, located in Toronto, is looking for a Manager, Information Security to join their growing team.

You will work with IT and the Business to sustain compliance on an ongoing basis for all applicable regulatory and customer IS requirements. Further, you will be responsible for ensuring that processes (automated as much as possible) are implemented to support this compliance effort.

You will own information security policies and procedures and will be responsible for ensuring their regular review, update and approval, as well as performing annual internal audits to ensure compliance-relevant processes in all departments are documented, accurate and implemented as written.

The Manager, Information Security will be the project lead and point of contact for applicable regulatory compliance assessments. For all compliance assessment activities you will be responsible for tracking findings, tracking the development and implementation of remediation plans from a project and reporting standpoint, and obtaining/cataloguing remediation evidence required to obtain a positive outcome to the compliance assessment. You will be responsible for arranging interviews between the assessor and resources that have security responsibilities relevant to the assessment, as well as responsible for scheduling in-person systems reviews for the assessor to review security controls in operation.

The Manager, Information Security will be responsible for tracking and reporting on compliance status for customer and regulatory compliance, as well as producing and providing all required continuous monitoring reports. Further, this role is responsible for responding to all Customer IS questionnaires/assessments on services, as well as supporting the generation of responses to IS questions within RFIs and RFPs to which the organization is submitting a response.

The Manager, Information Security will also be responsible for performing security assessments on our 3rd party vendors. The incumbent will thus orchestrate and monitor all activities for external and internal audits.

The Manager, Information Security will work very closely with the Operations Security Engineer and Security Architect, as well as representatives from various departments, to define, implement and maintain processes for ensuring security throughout the entire software and system development lifecycle.

Candidate must have
- Outstanding interpersonal and communication skills
- A high degree of integrity and trust
- Ability to work independently
- Ability to handle fast-paced work environment with tight schedules and know when to escalate roadblocks so as not to delay timelines

Responsibilities
- Participate in the creation of the Audit Program
- Complete internal system audits
- Complete external audits on partners and 3rd party service providers
- Track remediation of gaps and create the risk scorecard for major applications
- Interface with external auditors/partners to facilitate audits of security controls

Desired skills & experience
- University degree (BS/MS) in Computer Science or equivalent
- Experience as a security assessor/auditor
- Participation in compliance audits (working with assessors/audits and/or defining/implementing security controls in compliance with regulatory IS requirements)
- Knowledge of various compliance standards (HIPAA, PCI, SSAE16, FedRAMP or FISMA, SOX, ISO27001/2) an asset
- Information security certification(s) (e.g. CISSP, CISA, GIAC) an asset

Requirements
- CISA or CISSP
- Excellent attention to detail in written deliverables and clear verbal communication skills
- Specialized IT knowledge, including the ability to design, test, analyze and report on IT areas
- Experience working internal and external audits (such as PCI, SOC 2, ISO27001)
- Proven knowledge of network topologies and protocols, firewalls, encryption standards, secure remote access
- Demonstrated knowledge and understanding of Service and Change management
- 5 years' experience in an Information Security Role
- Ability to work autonomously and in teams to effectively prioritize multiple projects and associated deliverables
- Experience with security solutions including SIEM solutions, Firewall, Web Proxy, Anti-Virus, and Application Whitelisting products
- Preference for fast paced, rapid start-up culture demonstrating the values of results, teamwork, energy, agility, respect, and can-do environment
- Understanding of federated identity management systems
- Excellent written and oral communication skills including both technical and business writing, documentation and presentation skills

Nice to Have
- CISM
- Solid understanding of threat intelligence analysis and tools is an asset


Don't delay, apply today!
Randstad Professionals Canada
Randstad Canada is committed to building a diverse workforce reflective of the diversity of Canada. As a result, we promote employment equity and encourage candidates, especially those who identify as a woman, an Aboriginal person, a person with a disability or a member of a visible minority group, and any others who may contribute to the diversification of our workforce, to apply.

Randstad Canada is also committed to developing inclusive, barrier-free selection processes and work environments. If contacted in relation to a job opportunity, you should advise your Randstad Representative or your local Randstad branch in a timely fashion of the accommodation measures which must be taken to enable you to be assessed in a fair and equitable manner. Information received relating to accommodation measures will be addressed confidentially.

For all feedback on equity and accommodation needs, please contact your local Randstad Canada Branch.