Specialist, Information Security Risk and Controls

2 weeks ago

Vancouver, Canada Vancity Full time

Vancity is the largest private sector Living Wage Employer in Canada and have been consistently recognized as one of the Top Employers in Canada. Come join our team of 2,600 diverse individuals and access competitive rewards & benefits, all while knowing you are a part of a greater movement.

This competitively rewarding role will enjoy hybrid working arrangements which can be fulfilled primarily from the Vancity head office location and your home office. Periodically, in-person events or activities will be required of you.

The role**:Specialist, Information Security Risk and Controls**

**In this role, you will**:

- Use prior experience in Risk Management to develop and implement a cyber/information security risk management program based on Vancity’s acceptable risk tolerance levels and applicable regulations
- Track, monitor and manage all risk findings in the IT/Security Risk Register
- Work with the core information security and SOC team members in evaluating the efficacy of controls and provide recommendations
- Actively participate in tabletop exercises and disaster recovery drills, to enable Vancity in meeting regulatory and information security risk requirements
- Lead the development of internal controls and test procedures to audit related processes; ensure the operating effectiveness of these controls and compliance to applicable standards and regulations
- Identify and evaluate deficiencies and gaps in processes to recommend controls and other countermeasures
- Lead and advise teams on the identification of information security risks, and development of best practices, and implementation of mitigating controls
- Work with internal operational teams to drive audit finding remediation and ensure security risks are monitored and managed to tolerable levels
- Maintain the IT/Security Risk Register to track and monitor risks and exceptions, and prepare periodic reports (e.g., reporting dashboards) from the GRC solution.
- Mentor and train junior team members
- Perform other duties as assigned

**You are**:

- A Strong Communicator
- you use your strong communication and interpersonal skills to create clear understanding of expectations, address challenges and issues.
- Organized & Systematic
- You’re planning and coordination skills enable you develop solid operating plans, processes, methods and standards for a unit and help coordinate delivery of critical information in a timely manner.
- Analytical & Decisive
- with your strong problem solving and decision-making skills, you can diagnose challenges and issues; develop innovative investigative solutions; and to assess risks and opportunities that may affect the information security team.
- Self-Motivated
- you are a self-motivated and inquisitive individual that takes initiative to follow through and deliver results without continuous supervision.
- Team Player - Actively participates. Encourages co-operation. Aware of the needs of others and responds flexibly. Shares information and supports other team members. you like working with others and consider it an important element of success.
- Subject Matter Expert

**You have**:

- 3-5 years working experience preferably in the big four audit and assurance firms leading a team, or 3-5 years of Security GRC (Governance, Risk and Compliance) within a large organization
- A Bachelor’s degree or equivalent in computer science, business or similar.
- Excellent written and verbal communication skills. A person in this role is expected to work and communicate with people at different levels across the organization.
- Solid business acumen in the context of the financial industry.
- Experience in using risk management frameworks and methodologies, and in developing a refined cyber-risk management methodology.
- Familiarity with a cloud-based GRC or Risk management solution (Onetrust, ZenGRC, etc.).
- A willingness to work in a highly flexible environment with multiple competing priorities.
- Good multi-tasking skills and the ability to prioritize work based on risk and business needs

**Certifications & Training**:

- Information Security Certifications in one or more of the following are desirable: CISSP, CISM, CISA, CRISC

The team: The role reports directly to Sr. Manager Info Sec Compliance

**We offer**:

- We are the largest private-sector Living Wage Employer in Canada and have been consistently recognized as one of the Top Employers in Canada
- Our permanent employees qualify for attractive benefit packages that can be customized and changed each year to meet their evolving needs
- New employees receive between three and four weeks of vacation allowance per calendar year, and the number of vacation days grows — to a maximum of six weeks per year — as their length of service increases. In addition, full-time, permanent staff can purchase up to six extra days of vacation through our flexible benefits package.
- In addition to the 10 statutory holidays in British Columbia, Vancity provides a

  • Cyber Security and Controls Specialist

    3 weeks ago

    Vancouver, Canada Seaspan Shipyards, Corporate Services Full time

    **Cyber Security and Controls Specialist**: The Cyber Security and Controls Specialist will assess existing controls design and execution to ensure compliance with contractual and legislated obligations. **What you’ll do** - Leads and advises on identification of cyber risks, communication, and development of best practices, and implementation of...

  • Information Security Risk Analyst

    3 weeks ago

    Vancouver, Canada BC Financial Services Authority Full time

    Posting Title Information Security Risk Analyst Department: Corporate Services & Transformation Full/Part Time: Full Time **Job Type**: Permanent Location: Vancouver Work Arrangement: Hybrid Salary Range: $71,397.00 - $104,693.00 Close Date: June 16, 2024 **Job Summary** BC Financial Services Authority (“BCFSA”) helps to protect British Columbians...

  • Consultant, Risk Control Engineering

    1 week ago

    Vancouver, British Columbia, Canada BFL CANADA Risk and Insurance Full time

    We offer more than a job, we offer a career We support our employees to shape their career by encouraging continuing education and investing in training and development. We put our employees at the centre of what we do to allow them to grow personally and professionally, with projects and challenges that are motivating and rewarding. We inspire people to do...

  • Consultant, Risk Control Engineering

    1 month ago

    Vancouver, British Columbia, Canada BFL CANADA Risk and Insurance Full time

    We offer more than a job, we offer a careerWe support our employees to shape their career by encouraging continuing education and investing in training and development.We put our employees at the centre of what we do to allow them to grow personally and professionally, with projects and challenges that are motivating and rewarding.We inspire people to do...

  • Consultant, Risk Control Engineering

    3 weeks ago

    Vancouver, British Columbia, Canada BFL CANADA Risk and Insurance Full time

    We offer more than a job, we offer a careerWe support our employees to shape their career by encouraging continuing education and investing in training and development.We put our employees at the centre of what we do to allow them to grow personally and professionally, with projects and challenges that are motivating and rewarding.We inspire people to do...

  • Information Security Specialist

    1 month ago

    Vancouver, Canada JD Sports Canada Full time

    JD Canada is looking for an Information Security Specialist to add to our IT group. In this role, you'll be responsible for developing and enforcing data security policies, conducting regular audits, and implementing security solutions. You'll provide training and support to staff, respond to security incidents, and collaborate with the IT team on...

  • Information Security Specialist

    3 weeks ago

    Vancouver, Canada JD Sports Canada Full time

    JD Canada is looking for an Information Security Specialist to add to our IT group. In this role, you'll be responsible for developing and enforcing data security policies, conducting regular audits, and implementing security solutions. You'll provide training and support to staff, respond to security incidents, and collaborate with the IT team on...

  • Information Security Specialist

    3 weeks ago

    Vancouver, Canada JD Sports Canada Full time

    JD Canada is looking for an Information Security Specialist to add to our IT group. In this role, you'll be responsible for developing and enforcing data security policies, conducting regular audits, and implementing security solutions. You'll provide training and support to staff, respond to security incidents, and collaborate with the IT team on...

  • Information Security Specialist

    1 month ago

    Vancouver, Canada JD Sports Canada Full time

    JD Canada is looking for an Information Security Specialist to add to our IT group. In this role, you'll be responsible for developing and enforcing data security policies, conducting regular audits, and implementing security solutions. You'll provide training and support to staff, respond to security incidents, and collaborate with the IT team on...

  • Information Security Specialist

    1 month ago

    Vancouver, Canada JD Sports Canada Full time

    JD Canada is looking for an Information Security Specialist to add to our IT group. In this role, you'll be responsible for developing and enforcing data security policies, conducting regular audits, and implementing security solutions. You'll provide training and support to staff, respond to security incidents, and collaborate with the IT team on...

  • Information Security Specialist

    1 month ago

    Vancouver, Canada JD Sports Canada Full time

    JD Canada is looking for an Information Security Specialist to add to our IT group. In this role, you'll be responsible for developing and enforcing data security policies, conducting regular audits, and implementing security solutions. You'll provide training and support to staff, respond to security incidents, and collaborate with the IT team on...

  • Information Security Specialist

    3 weeks ago

    Vancouver, Canada JD Sports Canada Full time

    JD Canada is looking for an Information Security Specialist to add to our IT group. In this role, you'll be responsible for developing and enforcing data security policies, conducting regular audits, and implementing security solutions. You'll provide training and support to staff, respond to security incidents, and collaborate with the IT team on...

  • Information Security Specialist

    3 weeks ago

    Vancouver, Canada JD Sports Canada Full time

    JD Canada is looking for an Information Security Specialist to add to our IT group. In this role, you'll be responsible for developing and enforcing data security policies, conducting regular audits, and implementing security solutions. You'll provide training and support to staff, respond to security incidents, and collaborate with the IT team on...

  • Information Security Specialist

    4 weeks ago

    Vancouver, Canada JD Sports Canada Full time

    JD Canada is looking for an Information Security Specialist to add to our IT group. In this role, you'll be responsible for developing and enforcing data security policies, conducting regular audits, and implementing security solutions. You'll provide training and support to staff, respond to security incidents, and collaborate with the IT team on...

  • Information Security Specialist

    1 month ago

    Vancouver, BC, Canada JD Sports Canada Full time

    JD Canada is looking for an Information Security Specialist to add to our IT group. In this role, you'll be responsible for developing and enforcing data security policies, conducting regular audits, and implementing security solutions. You'll provide training and support to staff, respond to security incidents, and collaborate with the IT team on...

  • Information Security Specialist

    1 month ago

    Vancouver, BC, Canada JD Sports Canada Full time

    JD Canada is looking for an Information Security Specialist to add to our IT group. In this role, you'll be responsible for developing and enforcing data security policies, conducting regular audits, and implementing security solutions. You'll provide training and support to staff, respond to security incidents, and collaborate with the IT team on...

  • Information Security Specialist

    3 weeks ago

    Vancouver, BC, Canada JD Sports Canada Full time

    JD Canada is looking for an Information Security Specialist to add to our IT group. In this role, you'll be responsible for developing and enforcing data security policies, conducting regular audits, and implementing security solutions. You'll provide training and support to staff, respond to security incidents, and collaborate with the IT team on...

  • Information Security Specialist

    3 weeks ago

    Vancouver, BC, Canada JD Sports Canada Full time

    JD Canada is looking for an Information Security Specialist to add to our IT group. In this role, you'll be responsible for developing and enforcing data security policies, conducting regular audits, and implementing security solutions. You'll provide training and support to staff, respond to security incidents, and collaborate with the IT team on...

  • Information Security Specialist

    1 month ago

    Vancouver, BC, Canada JD Sports Canada Full time

    JD Canada is looking for an Information Security Specialist to add to our IT group. In this role, you'll be responsible for developing and enforcing data security policies, conducting regular audits, and implementing security solutions. You'll provide training and support to staff, respond to security incidents, and collaborate with the IT team on...

  • Information Security Specialist with Security Clearance

    1 month ago

    Vancouver, BC, Canada JD Sports Canada Full time

    JD Canada is looking for an Information Security Specialist to add to our IT group. In this role, you'll be responsible for developing and enforcing data security policies, conducting regular audits, and implementing security solutions. You'll provide training and support to staff, respond to security incidents, and collaborate with the IT team on...