Cybersecurity and Technology Risk Lead
4 weeks ago
Position Overview
WSP is a premier global provider of engineering and professional services, dedicated to delivering cutting-edge solutions to our clients while ensuring a robust IT infrastructure for our employees worldwide.
Role Summary
The Information Security Office (ISO) at WSP oversees the implementation and upkeep of the information security framework across the IT organization and the broader business landscape. This encompasses governance structures, policies, processes, tools, technologies, and training necessary to safeguard WSP's information and that of our clients.
We are currently seeking a skilled and experienced Cybersecurity and Technology Risk Lead to manage our global Technology & Cyber Risk Management initiatives. This position will report directly to the Global Director of IT Risk.
Key Responsibilities
- Develop and sustain a comprehensive IT risk management framework throughout the WSP global IT organization. This includes identifying potential IT risks, assessing their impact, devising mitigation strategies, and tracking their resolution or acceptance.
- Conduct regular assessments and reviews of the IT risk management process to ensure its effectiveness aligns with the organization's risk appetite and business goals.
- Establish effective reporting and communication channels to provide IT and business leadership with timely insights into IT risks. Analyze data related to risks, issues, and deficiencies to identify trends.
- Collaborate with WSP's Executive Risk Management (ERM) team to evaluate and report relevant IT risks as part of the ERM framework.
- Lead and mentor a team of risk analysts, fostering a collaborative environment that promotes open communication and shared responsibility in managing cyber and technology risks.
- Deliver risk management training within the IT community, cultivating a culture of risk-aware decision-making and accountability.
- Oversee the evolution of the Integrated Risk Management Platform (Service-Now IRM), including the management of entities, risk statements, and controls.
- Serve as a subject matter expert in IT risk and risk mitigation, empowering IT stakeholders to take ownership of risks in their areas and encouraging proactive reporting of potential IT risks.
- Engage with all levels of IT leadership and business stakeholders to ensure a clear understanding of issues and risks, facilitating informed decision-making.
Leadership and Interpersonal Skills
- Exhibit leadership and independence in executing responsibilities.
- Demonstrate high personal integrity and the ability to handle confidential matters with discretion.
- Build positive relationships with team members and business partners to align with internal and external client needs.
- Quickly assimilate complex business, technology, and risk management concepts.
- Exercise sound judgment in ambiguous situations.
- Possess strong critical thinking, problem-solving, and organizational skills.
- Exhibit excellent written and verbal communication skills, facilitating collaboration between business units and IT professionals.
- Work effectively with diverse teams across different cultures and regions.
- Accommodate schedules for international collaboration.
Qualifications
Essential:
- 8+ years of senior-level experience in Information Security and IT Audit, with a minimum of 2 years in Risk Management.
- Bachelor's degree in Information Technology, Computer Science, Engineering, or a related field.
- Experience in large/global enterprise IT environments.
- Working knowledge of enterprise IT security concerns and technologies, including VPNs, network security, encryption, and firewalls.
- Familiarity with IT governance frameworks such as NIST and ISO 2700x.
- Experience in governance, compliance, and audit within IT settings.
- Proficient in risk management practices, including analysis, mitigation, and monitoring.
- Strong interpersonal skills to interact with various management levels.
- Ability to work independently with minimal supervision.
- Demonstrated organizational and project management capabilities.
- Excellent analytical and problem-solving skills.
- Willingness to travel occasionally.
Preferred:
- Knowledge of the Service-Now Integrated Risk Management platform (IRM).
- Professional certifications in IT governance, security, internal audit, or related fields.
#LI-Hybrid #OneIT
-
Cybersecurity Risk Management Lead
2 weeks ago
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeAbout the RoleWe are seeking a highly skilled Cybersecurity Risk Management Lead to join our team at SGS Société Générale de Surveillance SA. As a key member of our Risk Management Department, you will play a critical role in helping us achieve our goal of sustainable growth through effective risk management.Key ResponsibilitiesEvaluate and Assess...
-
Cybersecurity Risk Manager
7 days ago
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeAbout the JobThe Head of Cybersecurity Risk at SGS Société Générale de Surveillance SA is seeking a highly skilled Cybersecurity Risk Manager to join the Risk Management Department. This role will be responsible for evaluating overall cybersecurity risk, maintaining an active view, and reporting on the actual, mitigated, and residual cybersecurity risk...
-
Cybersecurity Risk Manager
6 days ago
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeAbout the JobThe Head of Cybersecurity Risk at SGS Société Générale de Surveillance SA is seeking a highly skilled Cybersecurity Risk Manager to join the Risk Management Department. This role will be responsible for evaluating overall cybersecurity risk, maintaining an active view, and reporting on the actual, mitigated, and residual cybersecurity risk...
-
Cybersecurity Risk Manager
6 days ago
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeAbout the JobThe Head of Cybersecurity Risk at SGS Société Générale de Surveillance SA is seeking a highly skilled Cybersecurity Risk Manager to join the Risk Management Department. This role will be responsible for evaluating overall cybersecurity risk, maintaining an active view, and reporting on the actual, mitigated, and residual cybersecurity risk...
-
Cybersecurity Risk Manager
6 days ago
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeAbout the JobThe Head of Cybersecurity Risk at SGS Société Générale de Surveillance SA is seeking a highly skilled Cybersecurity Risk Manager to join the Risk Management Department. This role will be responsible for evaluating overall cybersecurity risk, maintaining an active view, and reporting on the actual, mitigated, and residual cybersecurity risk...
-
Cybersecurity Risk Manager
6 days ago
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeAbout the JobThe Risk Management Department at SGS Société Générale de Surveillance SA is seeking a highly skilled Cybersecurity Risk Manager to join our team. As a key member of our organization, you will play a critical role in defining and implementing our 2nd line of defense processes, policies, and tools for our data and technology environments.Key...
-
Cybersecurity Risk Manager
6 days ago
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeAbout the JobThe Risk Management Department at SGS Société Générale de Surveillance SA is seeking a highly skilled Cybersecurity Risk Manager to join our team. As a key member of our organization, you will play a critical role in defining and implementing our 2nd line of defense processes, policies, and tools for our data and technology environments.Key...
-
Cybersecurity Risk Manager
5 days ago
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeAbout the JobThe Head of Cybersecurity Risk at SGS Société Générale de Surveillance SA is seeking a highly skilled Cybersecurity Risk Manager to join the Risk Management Department. This role will be responsible for evaluating overall cybersecurity risk, maintaining an active view, and reporting on the actual, mitigated, and residual cybersecurity risk...
-
Cybersecurity Risk Manager
5 days ago
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeAbout the JobThe Head of Cybersecurity Risk at SGS Société Générale de Surveillance SA is seeking a highly skilled Cybersecurity Risk Manager to join the Risk Management Department. This role will be responsible for evaluating overall cybersecurity risk, maintaining an active view, and reporting on the actual, mitigated, and residual cybersecurity risk...
-
Cybersecurity Risk Manager
7 days ago
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeAbout the JobThe Risk Management Department at SGS Société Générale de Surveillance SA is seeking a highly skilled Cybersecurity Risk Manager to join our team. As a key member of our organization, you will play a critical role in defining and implementing 2nd line of defense processes, policies, and tools for our data and technology environments.Key...
-
Cybersecurity Risk Manager
6 days ago
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeAbout the JobThe Risk Management Department at SGS Société Générale de Surveillance SA is seeking a highly skilled Cybersecurity Risk Manager to join our team. As a key member of our organization, you will play a critical role in defining and implementing 2nd line of defense processes, policies, and tools for our data and technology environments.Key...
-
Cybersecurity Risk Manager
6 days ago
Montreal, Quebec, Canada Société Générale Full timeAbout the JobThe Head of Cybersecurity Risk at Société Générale is seeking a Cybersecurity Risk Manager to join the Risk Management Department. This role will be responsible for evaluating overall cybersecurity risk, maintaining an active view, and reporting on the actual, mitigated, and residual cybersecurity risk in the organization.Key...
-
Cybersecurity Risk Manager
7 days ago
Montreal, Quebec, Canada Société Générale Full timeAbout the JobThe Head of Cybersecurity Risk at Société Générale is seeking a Cybersecurity Risk Manager to join the Risk Management Department. This role will be responsible for evaluating overall cybersecurity risk, maintaining an active view, and reporting on the actual, mitigated, and residual cybersecurity risk in the organization.Key...
-
Cybersecurity Risk Manager
6 days ago
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeAbout the JobThe Head of Cybersecurity Risk at SGS Société Générale de Surveillance SA is seeking a highly skilled Cybersecurity Risk Manager to join the Risk Management Department. This role will be responsible for evaluating overall cybersecurity risk, maintaining an active view, and reporting on the actual, mitigated, and residual cybersecurity risk...
-
Cybersecurity Risk Manager
6 days ago
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeAbout the JobThe Head of Cybersecurity Risk at SGS Société Générale de Surveillance SA is seeking a highly skilled Cybersecurity Risk Manager to join the Risk Management Department. This role will be responsible for evaluating overall cybersecurity risk, maintaining an active view, and reporting on the actual, mitigated, and residual cybersecurity risk...
-
Cybersecurity Risk Manager
6 days ago
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeAbout the JobThe Risk Management Department at SGS Société Générale de Surveillance SA is seeking a highly skilled Cybersecurity Risk Manager to join our team. As a key member of our Risk Management Department, you will play a critical role in helping us further define our 2nd line of defense processes, policies, and tools for our data and technology...
-
Cybersecurity Risk Manager
7 days ago
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeAbout the JobThe Risk Management Department at SGS Société Générale de Surveillance SA is seeking a highly skilled Cybersecurity Risk Manager to join our team. As a key member of our Risk Management Department, you will play a critical role in helping us further define our 2nd line of defense processes, policies, and tools for our data and technology...
-
Cybersecurity Risk Manager
6 days ago
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeAbout the JobThe Risk Management Department at SGS Société Générale de Surveillance SA is seeking a highly skilled Cybersecurity Risk Manager to join our team. As a Cybersecurity Risk Manager, you will play a critical role in helping us further define the 2nd line of defense processes, policies, and tools for our data and technology environments.Key...
-
Cybersecurity Risk Manager
7 days ago
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeAbout the JobThe Risk Management Department at SGS Société Générale de Surveillance SA is seeking a highly skilled Cybersecurity Risk Manager to join our team. As a Cybersecurity Risk Manager, you will play a critical role in helping us further define the 2nd line of defense processes, policies, and tools for our data and technology environments.Key...
-
Cybersecurity Risk Manager
6 days ago
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeAbout the JobThe Head of Cybersecurity Risk at SGS Société Générale de Surveillance SA is seeking a highly skilled Cybersecurity Risk Manager to join the Risk Management Department. This role will be responsible for evaluating overall cybersecurity risk, maintaining an active view, and reporting on the actual, mitigated, and residual cybersecurity risk...
