Senior Information Security Specialist, Governance and Compliance
4 weeks ago
Location: Toronto, ON
Time Type: Full time
Posted On: Posted 2 Days Ago
Time Left to Apply: End Date: November 11, 2024 (11 days left to apply)
Job Requisition ID: JR134925
What you’ll do
- Provide senior level advisory services to cybersecurity, technology teams, and business team members, as required.
- Maintain cyber security policies and standards.
- Respond to external inquiries regarding cyber security (e.g. ESG, regulators, etc.).
- Analyze and assess cyber security related business scenarios and prepare/present position papers providing risk-based recommendations to assist the leadership team in making informed decisions.
- Oversee and provide guidance on the cyber security configuration compliance management program for both on-prem and cloud environments.
- Oversee and provide guidance on the cyber security vulnerability, configuration & patch remediation management programs.
- Oversee and provide guidance on the Cloud security compliance management program.
- Design and perform annual reviews of configuration benchmarks for teams to follow for new and existing systems.
- Manage the cyber security policy exemption management processes by assessing policy exception requests, maintaining the exception workflows, and updating and keeping current the exception database.
- Keep current with ongoing trends and changes within the cyber security community.
What you bring
- University degree preferably in an IT related discipline.
- CISSP, and/or CISM, and/or CISA, and/or CRISC designations would be an asset.
- 8-10+ years experience in information security, and/or IT Audit/Compliance, and/or external audit.
- Strong understanding of IT, cloud and cyber security concepts and best practices.
- Understands cyber security risks and control frameworks including NIST CSF, CIS, COBIT 5, and ISO 270001.
- Experience with security assessment tools such as Tripwire, Nexpose, MS Defender, McAfee EPO, Kenna, etc.
- Understanding of Agile concepts and practices.
- Ability to communicate and influence effectively at all levels from technical staff to company leadership team.
- Proven ability to weigh business needs with information security priorities and make sound risk-based judgement calls.
- Experienced with analyzing and assessing cyber security related business scenarios, performing risk assessments, and preparing position papers outlining sound, risk-based recommendations.
- Experienced with analyzing and assessing cyber security policy exception requests and providing risk-based recommendations.
- Experience overseeing cyber security configuration compliance programs.
- Experience overseeing cyber security vulnerability & patch management programs.
- Experience overseeing Cloud security compliance management programs.
- Experience with developing security baselines based on industry accepted CIS benchmark, MS Azure security benchmark, PCI DSS benchmark, etc. and conduct regular reviews to update existing custom baselines.
- Experience with Microsoft Azure Portal/Security Center to monitor and manage vulnerabilities, security policy compliance and all outstanding Microsoft recommendations.
- Familiar with KQL (Kusto query language) to develop scripts to query Microsoft Azure policy database to report compliance status.
- Technical knowledge including Linux, Windows, AIX, databases, network and security appliances and firewalls/IDS/IPS, web and cloud-based applications, secure coding practices, and cloud security.
- Highly proficient with MS Office suite of products.
Hybrid Work Model
We value flexibility. We have adopted a hybrid work model whereby employees use a combination of working in office and virtually in service of outcomes. Each leader is empowered to decide what work is best achieved in person based on the unique needs of their team.
About Us
Canadian Tire Corporation, Limited (“CTC”) is one of Canada’s most admired and trusted companies. We dream big and work as one to innovate with purpose for our customers at every level of our business. We offer competitive salaries and wages to CTC employees, as well as store discounts, supported learning through our Triangle Learning Academy, Canadian Tire Profit Sharing, and retirement and savings programs for eligible employees. We are committed to fostering an environment where belonging thrives, and diversity, inclusion, and equity are infused into everything we do.
Our Commitment to Diversity, Inclusion and Belonging
We welcome and encourage candidates from equity-seeking groups such as people who identify as racialized, Indigenous, 2SLGBTQIA+, women, and people with disabilities. Should you require any accommodation in applying for this role, or throughout the interview process, please make them known when contacted and we will work with you to help meet your needs.
#J-18808-Ljbffr-
Old Toronto, Canada Canadian Tire Corporation Full timeAbout the RoleWe are seeking a seasoned Information Security Specialist to lead our Governance and Compliance team. As Senior Information Security Specialist, Governance and Compliance, you will be responsible for maintaining cyber security policies and standards, responding to regulator and auditor inquiries, and providing advisory services to the business...
-
Old Toronto, Canada Canadian Tire Corporation Full timeWhat you’ll do Reporting to the AVP, Cyber Governance Risk and Compliance, the Senior Information Security Specialist, Governance and Compliance will lead the charge in maintaining cyber security policies and standards, responding to regulator and auditor inquiries, and providing an advisory function to the business surrounding cyber security...
-
Old Toronto, Canada Canadian Tire Corporation Full timeWhat you’ll do Reporting to the AVP, Cyber Governance Risk and Compliance, the Senior Information Security Specialist, Governance and Compliance will lead the charge in maintaining cyber security policies and standards, responding to regulator and auditor inquiries, and providing an advisory function to the business surrounding cyber security...
-
Old Toronto, Canada Canadian Tire Financial Services Full timeSenior Information Security Specialist, Governance and ComplianceApplyLocation: Toronto, ONTime Type: Full timePosted on: Posted 2 Days AgoTime left to apply: End Date: November 11, 2024 (11 days left to apply)Job Requisition ID: JR134925What you’ll doProvide senior level advisory services to cybersecurity, technology teams, and business team members, as...
-
Toronto, Canada Canadian Tire Corporation Full timeWhat you’ll do Reporting to the AVP, Cyber Governance Risk and Compliance, the Senior Information Security Specialist, Governance and Compliance will lead the charge in maintaining cyber security policies and standards, responding to regulator and auditor inquiries, and providing an advisory function to the business surrounding cyber security...
-
Information Security Governance
3 months ago
Toronto, Canada Norton Rose Fulbright Full timeInformation Security Governance & Compliance Specialist The Team The information security team reports to the global chief information security officer (CISO). The team works with unified principles and processes around the world while maintaining regional stakeholder relationships. High stand
-
Senior Cybersecurity Specialist
4 weeks ago
Old Toronto, Canada Canadian Tire Financial Services Full timeSenior Cybersecurity Specialist, Governance and ComplianceWe are seeking a highly skilled Senior Cybersecurity Specialist to join our team at Canadian Tire Financial Services. This role will provide senior-level advisory services to cybersecurity, technology teams, and business team members, maintaining cyber security policies and standards. The successful...
-
Old Toronto, Ontario, Canada Arthur Grand Technologies Inc Full timeJob Title: Senior Security Specialist for IT Audits and GovernanceArthur Grand Technologies Inc is seeking a highly skilled Senior Security Specialist for IT Audits and Governance to join our team.The ideal candidate will have 5+ years of experience in various security domains, including third-party risk management, IT audits, and Security Governance, Risk...
-
Information Security Governance
3 months ago
Toronto, Canada Norton Rose Fulbright Full timeRole The information security governance & compliance specialist takes responsibility for overseeing responses to support the client bids and client audit process, and the third-party supplier assessment process. The role is a key part of assuring our clients on the technical security measures NRF has in place for protecting client data. Providing...
-
Senior Manager, Information Security Governance
1 month ago
Old Toronto, Ontario, Canada TD Bank Full timeSenior Manager, Information Security (DevSecOps Governance)Job Summary:TD Bank is seeking a seasoned Senior Manager, Information Security to lead our DevSecOps Governance team. As a key member of our Information Security organization, you will be responsible for developing and implementing security policies, standards, and guidelines for DevSecOps...
-
Senior Security Specialist
1 month ago
Old Toronto, Ontario, Canada Arthur Grand Technologies Inc Full timeJob Title: Security Governance and Compliance Expert - SeniorArthur Grand Technologies Inc is seeking a highly skilled Security Governance and Compliance Expert - Senior to join our team.As a Security Governance and Compliance Expert - Senior, you will be responsible for providing security expertise and facilitating collaboration on various security risk...
-
Information Security Compliance
2 weeks ago
Old Toronto, Canada Athennian Group Full timeAthennian increases trust in business. Our products help legal, finance, and tax teams be transaction and audit-ready by organizing business entity and corporate structure information. Over 370,000 business entities in almost every country are managed on Athennian to automate workflows for ownership, company secretarial, governance, tax, and compliance.We...
-
Information Security Governance Specialist
1 month ago
Toronto, Ontario, Canada Norton Rose Fulbright Full timeJob SummaryNorton Rose Fulbright is seeking an experienced Information Security Governance Specialist to join our team. As a key member of our security team, you will be responsible for overseeing responses to client bids and client audit processes, as well as third-party supplier assessments.Key ResponsibilitiesProvide technical expertise for client bids...
-
Senior Information Security Specialist
1 month ago
Old Toronto, Ontario, Canada TD Full timeTD - Building a World-Class, Diverse and Inclusive Technology TeamAt TD, we're committed to creating a workplace that's inclusive, diverse, and welcoming to all. As a Senior Information Security Specialist, you'll play a key role in helping us achieve this vision.Job SummaryWe're seeking a highly skilled and experienced Information Security Specialist to...
-
Senior Compliance Governance Specialist
4 weeks ago
Toronto, Ontario, Canada The Toronto-Dominion Bank (Canada) Full timeJob SummaryThe Toronto-Dominion Bank (Canada) is seeking a Senior Compliance Governance Specialist to join our team. As a key member of our Compliance Governance department, you will be responsible for ensuring regulatory compliance issues are managed across the enterprise.Key ResponsibilitiesSupport updates to the Enterprise Regulatory Compliance Issues...
-
Senior Compliance Governance Specialist
4 weeks ago
Toronto, Ontario, Canada The Toronto-Dominion Bank (Canada) Full timeJob SummaryWe are seeking a highly skilled Senior Compliance Governance Specialist to join our team at The Toronto-Dominion Bank (Canada). The successful candidate will be responsible for ensuring regulatory compliance issues are managed across the enterprise and will develop activities/practices that govern and support the identification, management,...
-
Senior Identity Governance Specialist
1 week ago
Old Toronto, Canada Menlo Ventures Full timeAt Menlo Ventures, we are seeking a highly skilled Senior Identity Governance Specialist to join our growing Information Security team.Job Summary:We are looking for an experienced professional to lead the development and implementation of our Identity and Access Management (IAM) strategy across our products, cloud/on-premise infrastructure, and corporate...
-
Senior Cyber Security Governance Specialist
4 weeks ago
Toronto, Ontario, Canada Canadian Tire Corporation Full timeAbout the RoleThe Senior Information Security Specialist, Governance and Compliance will lead the charge in maintaining cyber security policies and standards, responding to regulator and auditor inquiries, and providing an advisory function to the business surrounding cyber security governance.Key ResponsibilitiesProvide senior level advisory services to...
-
Information Security Specialist Lead
3 weeks ago
Old Toronto, Canada TD Bank Full timeJob Title: Information Security Specialist LeadJob Summary:We are seeking a highly skilled Information Security Specialist Lead to join our team at TD Bank. The successful candidate will be responsible for providing expert advice and guidance on technology security and risk management practices. This role involves collaborating with cross-functional teams to...
-
Cyber Security Governance Specialist
1 week ago
Toronto, Ontario, Canada The Toronto-Dominion Bank (Canada) Full timeJob Overview: The Toronto-Dominion Bank (Canada) is seeking a highly motivated and experienced Cyber Security Governance Specialist to join our Public Cloud Security Governance team. This role will be responsible for integrating security practices and best practices into our SaaS Security Governance processes, ensuring compliance with regulatory standards,...
