Specialist Information Security Governance, Risk

2 weeks ago

Calgary, Canada Canadian National Railway Full time

At CN, we work together to move our company—and North America—forward. Be part of our Information & Technology (I&T) team, a critical piece of the engine that keeps us in motion. From enterprise architecture to operational technology, our teams use the agile methodology to automate and digitize our railroad ensuring our operations run optimally and safely and our employees can focus on value-added tasks. You will be able to develop your skills and career in our close-knit, safety-focused culture working together as ONE TEAM. The careers we offer are meaningful because the work we do matters. Join us

**Job Summary**

The Specialist, Information Security Governance, Risk and Compliance is responsible for providing support to the governance and compliance management activities of the Information Security program. The role contributes significantly to the Governance, Risk and Compliance (GRC) initiative assuring CN’s adherence to the Sarbanes Oxley (SOX) Section 404 regulatory framework. The position also provides project support, GRC document preparation, and auditing compliance against other information security regulations and controls.

**Main Responsibilities**
- Support the assessment and documentation of all Information and Technology General Controls (ITGC) related to the SOX program as part of ongoing compliance efforts
- Serve as Control Owner or Control Performer for several Information and Technology (I&T) controls
- Contribute to appropriate and efficient control design and implementation
- Support evaluation of internal control gaps and deficiencies, conduct remediation monitoring, and track strategies to completion
- Identify opportunities for process and control improvements, automation, and consolidation, and participate in development of implementation plans
- Research and recommend tools and technologies to support or improve controls
- Drive increase in maturity of the overall ITGC environment
- Work directly with the Information Security Compliance Manager, Internal Audit, and external auditors on SOX audit-related activities (e.g., planning of internal and external audits, walkthroughs, testing, and communication)
- Contribute to I&T risk and controls program strategy, design, development, implementation, and communication

Working Conditions

The role has standard working conditions in an office environment with a regular workweek from Monday to Friday and is eligible to participate in CN’s hybrid work policy. Due to the nature of the role, the incumbent must be able to meet tight deadlines and handle pressure or stress.

**Requirements**:
Experience

Information & Technology
- Minimum 7 years of overall work experience
- Minimum 3 years demonstrating technical leadership qualities or overseeing deliverables
- Minimum 7 years of experience in Information Security Governance or Compliance
- Experience in ensuring compliance with I&T controls, policies, and regulatory frameworks
- Experience creating and updating information security policies, standards, procedures, and other documentation
- Experience with GRC tools, ServiceNow, and SharePoint
- Experience with tracking and reporting Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs)

Education/Certification/Designation
- Bachelor’s Degree in an I&T discipline, a related field, or equivalent
- Information Security Technical or Auditing certifications (e.g., Certified Information Security Professional (CISP), Certified Information Security Manager (CISM) or Certified Information Security Auditor (CISA))*
- Any designation for these above would be considered as an asset

Competencies
- Inspires others with impactful communications and adapts to the audience through speech and writing
- Applies analytical thinking
- Innovates through problem solving
- Knows the business and stays current with industry trends to elevate expertise and work
- Demonstrates organizational abilities
- Collaborates with key internal stakeholders to enable higher productivity
- Works independently with little supervision

Technical Skills/Knowledge
- Practical knowledge of information security processes and functions including asset management, vulnerability management, access management, and risk management
- Knowledge of additional standards, frameworks, regulations, and legislation governing information security and privacy (e.g., National Institute of Standards and Technology (NIST), ISO 27001, Control Objectives for Information and Related Technologies (COBIT), Personal Information Protection and Electronic Documents Act (PIPEDA))

**About CN**

CN is a world-class transportation leader and trade-enabler. Essential to the economy, to the customers, and to the communities it serves, CN safely transports more than 300 million tons of natural resources, manufactured products, and finished goods throughout North America every year. As the only railroad connecting Canada’s Eastern and Western coasts with the Southern tip of the U.S. throug

  • IT Manager, Governance, Risk and Compliance

    2 months ago

    Calgary, Canada The University of Calgary Full time

    **Position Overview** **Information Technologies** is currently seeking a Full-time Regular **IT Manager, Governance, Risk and Compliance** This position involves a high volume and considerable diversity of work, which includes identifying and working with key stakeholders unique requirements and identifying technology risk at UCalgary. Problem solving...

  • IT Manager, Governance, Risk and Compliance

    4 days ago

    Calgary, Alberta, Canada The University of Calgary Full time

    Position OverviewInformation Technologies is currently seeking a Full-time Regular IT Manager, Governance, Risk and ComplianceThis position involves a high volume and considerable diversity of work, which includes identifying and working with key stakeholders unique requirements and identifying technology risk at UCalgary. Problem solving ranges from routine...

  • Senior Cyber Security Risk Management Specialist

    4 weeks ago

    Calgary, Canada MNP Full time

    Senior Cyber Security Risk Management Specialist Job Category: Information Technology Requisition Number: ITCYB009926 Apply now Posted : April 15, 2024 Full-Time Locations Showing 1 location DescriptionInspirational, innovative and entrepreneurial - this is how we describe our empowered teams. Combine your passion with purpose and join a...

  • Senior Cyber Security Risk Management Specialist

    4 weeks ago

    Calgary, Canada MNP Full time

    Senior Cyber Security Risk Management Specialist Job Category: Information Technology Requisition Number: ITCYB009926 Apply now Posted : April 15, 2024 Full-Time Locations Showing 1 location DescriptionInspirational, innovative and entrepreneurial - this is how we describe our empowered teams. Combine your passion with purpose and join a...

  • Senior Cyber Security Risk Management Specialist

    4 weeks ago

    Calgary, Canada MNP Full time

    Senior Cyber Security Risk Management Specialist Job Category: Information Technology Requisition Number: ITCYB009926 Apply now Posted : April 15, 2024 Full-Time Locations Showing 1 location DescriptionInspirational, innovative and entrepreneurial - this is how we describe our empowered teams. Combine your passion with purpose and join a...

  • Data Governance Specialist

    4 weeks ago

    Calgary, Canada PBS Systems Full time

    “PBS is the fastest growing “All Inclusive Business Platform” vendor in North America and we’ve only just begun!” The Opportunity: We are changing the way people buy and service cars one dealership at a time. In business for over 30 years, PBS is the third largest DMS (Dealership Management System) provider to the North American retail...

  • Data Governance Specialist

    3 weeks ago

    Calgary, Canada PBS Systems Full time

    Calgary Headquarters, 4041 128 Ave SE, Calgary, Alberta, Canada Req #526 Thursday, May 2, 2024 “PBS is the fastest growing “All Inclusive Business Platform” vendor in North America and we’ve only just begun!” The Opportunity: We are changing the way people buy and service cars one dealership at a time. In business for over 30 years, PBS is...

  • Data Governance Specialist

    3 weeks ago

    Calgary, Canada PBS Systems Full time

    Calgary Headquarters, 4041 128 Ave SE, Calgary, Alberta, Canada Req #526 Thursday, May 2, 2024 “PBS is the fastest growing “All Inclusive Business Platform” vendor in North America and we’ve only just begun!” The Opportunity: We are changing the way people buy and service cars one dealership at a time. In business for over 30 years, PBS is...

  • Data Governance Specialist

    1 month ago

    Calgary, Canada PBS Systems Inc. Full time

    Calgary Headquarters, Calgary, Alberta, Canada Job Description Posted Thursday, May 2, 2024 at 6:00 AM “PBS is the fastest growing “All Inclusive Business Platform” vendor in North America and we’ve only just begun!” The Opportunity: We are changing the way people buy and service cars one dealership at a time. In business for over 30 years,...

  • Data Governance Specialist

    1 month ago

    Calgary, Canada PBS Systems Inc. Full time

    Calgary Headquarters, Calgary, Alberta, Canada Job Description Posted Thursday, May 2, 2024 at 6:00 AM “PBS is the fastest growing “All Inclusive Business Platform” vendor in North America and we’ve only just begun!” The Opportunity: We are changing the way people buy and service cars one dealership at a time. In business for over 30 years,...

  • Data Governance Specialist

    1 month ago

    Calgary, Canada PBS Systems Inc. Full time

    Calgary Headquarters, Calgary, Alberta, Canada Job Description Posted Thursday, May 2, 2024 at 6:00 AM “PBS is the fastest growing “All Inclusive Business Platform” vendor in North America and we’ve only just begun!” The Opportunity: We are changing the way people buy and service cars one dealership at a time. In business for over 30 years,...

  • Data Governance Specialist

    3 weeks ago

    Calgary, Canada PBS Systems Full time

    “PBS is the fastest growing “All Inclusive Business Platform” vendor in North America and we’ve only just begun!” The Opportunity: We are changing the way people buy and service cars one dealership at a time. In business for over 30 years, PBS is the third largest DMS (Dealership Management System) provider to the North American retail...

  • Data Governance Specialist

    3 weeks ago

    Calgary, Canada Equest Full time

    "PBS is the fastest growing "All Inclusive Business Platform" vendor in North America and we've only just begun!" The Opportunity: We are changing the way people buy and service cars one dealership at a time. In business for over 30 years, PBS is the third largest DMS (Dealership Management System) provider to the North American retail automotive industry....

  • Data Governance Specialist

    3 weeks ago

    Calgary, Canada Equest Full time

    "PBS is the fastest growing "All Inclusive Business Platform" vendor in North America and we've only just begun!" The Opportunity: We are changing the way people buy and service cars one dealership at a time. In business for over 30 years, PBS is the third largest DMS (Dealership Management System) provider to the North American retail automotive industry....

  • Data Governance Specialist

    3 weeks ago

    Calgary, Canada PBS Systems Inc. Full time

    Calgary Headquarters, Calgary, Alberta, Canada Job Description Posted Thursday, May 2, 2024 at 6:00 AM “PBS is the fastest growing “All Inclusive Business Platform” vendor in North America and we’ve only just begun!” The Opportunity: We are changing the way people buy and service cars one dealership at a time. In business for over 30 years,...

  • Data Governance Specialist

    5 days ago

    Calgary, Alberta, Canada PBS Systems Inc. Full time

    Calgary Headquarters, Calgary, Alberta, Canada Job Description Posted Thursday, May 2, 2024 at 6:00 AM "PBS is the fastest growing "All Inclusive Business Platform" vendor in North America and we've only just begun" The Opportunity: We are changing the way people buy and service cars one dealership at a time. In business for over 30 years, PBS is the...

  • Data Governance Specialist

    5 days ago

    Calgary, Alberta, Canada PBS Systems Full time

    "PBS is the fastest growing "All Inclusive Business Platform" vendor in North America and we've only just begun" The Opportunity: We are changing the way people buy and service cars one dealership at a time. In business for over 30 years, PBS is the third largest DMS (Dealership Management System) provider to the North American retail automotive...

  • Data Governance Specialist

    3 weeks ago

    Calgary, Canada PBS Systems Inc. Full time

    Calgary Headquarters, Calgary, Alberta, Canada Job Description Posted Thursday, May 2, 2024 at 6:00 AM “PBS is the fastest growing “All Inclusive Business Platform” vendor in North America and we’ve only just begun!” The Opportunity: We are changing the way people buy and service cars one dealership at a time. In business for over 30 years,...

  • Senior Cyber Security Risk Management Specialist

    3 weeks ago

    Calgary, Canada MNP Full time

    Job Details Description Inspirational, innovative and entrepreneurial - this is how we describe our empowered teams. Combine your passion with purpose and join a culture that is thriving in the face of change. Make an impact with our Technology - Cyber Security team as a Senior Cyber Security Risk Management Specialist. This diverse team of...

  • Senior Cyber Security Risk Management Specialist

    2 months ago

    Calgary, Canada MNP Full time

    Job Details Description Inspirational, innovative and entrepreneurial - this is how we describe our empowered teams. Combine your passion with purpose and join a culture that is thriving in the face of change. Make an impact with our Technology - Cyber Security team as a Senior Cyber Security Risk Management Specialist. This diverse team of...