Cybersecurity Risk Management Specialist
6 days ago
We are seeking a highly skilled Cybersecurity Risk Management Specialist to join our team at Produits forestiers Résolu. As a key member of our IT Security Governance team, you will play a critical role in maintaining and improving our IT risk management framework, managing IT exceptions, and performing 3rd party vendor risk assessments.
Key Responsibilities- Maintain and improve an IT/Security Risk Assessment Framework
- Document IT security risk, mitigating controls, and present them to risk owners for decision-making
- Coordinate with IT compliance teams to ensure compensating controls have been put in place
- Maintain the IT risk register throughout the IT risks lifecycle
- Perform Privacy Impact Assessments (PIA)
- Maintain and improve 3rd party vendors assessment methodology
- Perform 3rd party and cloud vendor security posture assessments, document the assessment, and present the results to business owners
- Review 3rd party contracts for IT security and data privacy-related clauses and work in collaboration with IT Procurement and Legal teams
- Maintain the Cloud vendor register
- Provide vendor selection services for cybersecurity aspects to help business units select a vendor as part of the RFP process
- Manage and maintain the IT Exception Handling Process
- Document IT Exceptions, validate the needs from exception requestors and owners, seek exception approval from Cybersecurity management
- Document risk assessment as needed
- Maintain the IT Exceptions register and follow-up on approved exceptions
- Provide project advisory services to Business and IT projects on IT risk matters to ensure risk management activities during project lifecycle
- Occasionally provide support to project security advisory teams to document project security requirements and controls to implement
- Produce and report IT risk management KPI and KRI on a monthly basis
- Bachelor's degree or 5 years of professional experience in Cybersecurity
- Minimum of 8 years' experience in security governance, risk, and compliance (GRC)
- Holds security-related certifications such as CISSP, CISM, CSSP, or similar
- Practical experience with implementing and/or working with IT Risk management frameworks
- Practical experience with performing IT Risk assessments during projects and as part of security operations
- Practical experience with security controls and risk mitigation measures implementation
- Practical experience with assessing 3rd party vendor risks and reviewing security and IT controls-related assurances documentation provided by 3rd parties
- Practical experience with managing an IT exception handling process
- Hands-on experience and good knowledge in topics such as identity and access management, network security, Cloud security, cryptography, web security, next-generation security solutions, and operating system security
- Experience with project life cycles, particularly security risk analysis, solutions design, and broad systems integration
- Great organizational and analytical skills
- Able to vulgarize, ease in expressing ideas, influence others, challenge ideas, and be convincing
- Excellent interpersonal skills to interact at all levels
- Ability to influence and engage with senior management
- Ability to quickly adapt to changing priorities and demands
- Worked in a decentralized environment (both technical and processes)
- Experience in an information security (application and/or infrastructure) role in an enterprise environment
- Structured and autonomous person
- Ability to work well on a collaborative team and influence others without direct authority
- Excellent written (documentation) and verbal communication skills (English and French)
-
Cybersecurity Risk Management Specialist
7 days ago
Montreal, Quebec, Canada Domtar Corporation Full timeCybersecurity Risk Management SpecialistIn collaboration with the IT Compliance & Governance Security team, the Cybersecurity Risk Management Specialist will play a vital role in enhancing the IT risk management strategy at Domtar Corporation. This position involves refining the IT risk management framework, overseeing IT exceptions, and conducting...
-
Cybersecurity Risk Management Specialist
4 weeks ago
Montreal, Quebec, Canada Domtar Corporation Full timeCybersecurity Risk Management SpecialistIn collaboration with the IT Compliance & Governance Security team, the Cybersecurity Risk Management Specialist will play a vital role in enhancing the IT risk management practices at Domtar Corporation. This role involves the ongoing maintenance and enhancement of the IT risk management framework, overseeing IT...
-
Cybersecurity Risk Management Specialist
4 weeks ago
Montreal, Quebec, Canada Domtar Corporation Full timeCybersecurity Risk Management SpecialistIn collaboration with the IT Compliance & Governance Security team, the Cybersecurity Risk Management Specialist will play a vital role in enhancing the IT risk management strategy at Domtar Corporation. This position involves refining the IT risk management framework, overseeing IT exceptions, and conducting...
-
Cybersecurity Risk Management Specialist
7 days ago
Montreal, Quebec, Canada Domtar Corporation Full timeCybersecurity Risk Management SpecialistIn collaboration with the IT Compliance & Governance Security team, the Cybersecurity Risk Management Specialist will play a vital role in enhancing the IT risk management practices at Domtar Corporation. This role involves the ongoing maintenance and enhancement of the IT risk management framework, overseeing IT...
-
Cybersecurity Risk Management Specialist
4 weeks ago
Montreal, Quebec, Canada Domtar Full timeJob Overview The Cybersecurity Risk Management Specialist will play a vital role in supporting the IT Compliance & Governance Security team at Domtar. This position is essential for enhancing the IT risk management framework, overseeing IT exceptions, and conducting assessments of third-party vendors. The specialist will engage in both Business and IT...
-
Cybersecurity Risk Management Specialist
7 days ago
Montreal, Quebec, Canada Domtar Corporation Full timeCybersecurity Risk Management SpecialistIn collaboration with the Manager of IT Compliance & Governance Security team, the Cybersecurity Risk Management Specialist will play a vital role in enhancing the IT risk management practices at Domtar Corporation. This includes the upkeep and refinement of the IT risk management framework, overseeing IT exceptions,...
-
Cybersecurity Risk Management Specialist
4 weeks ago
Montreal, Quebec, Canada Domtar Corporation Full timeCybersecurity Risk Management SpecialistIn collaboration with the Manager of IT Compliance & Governance Security team, the Cybersecurity Risk Management Specialist will play a vital role in enhancing the IT risk management practices at Domtar Corporation. This includes the upkeep and refinement of the IT risk management framework, overseeing IT exceptions,...
-
Cybersecurity Risk and Compliance Specialist
6 days ago
Montreal, Quebec, Canada Domtar Corporation Full timeCybersecurity Risk and Compliance Specialist In collaboration with the Manager of IT Compliance & Governance Security team, the Cybersecurity Risk and Compliance Specialist will play a vital role in enhancing the IT risk management framework at Domtar Corporation. This position involves the management of IT exceptions and conducting thorough assessments of...
-
Cybersecurity Risk and Compliance Specialist
4 weeks ago
Montreal, Quebec, Canada Domtar Corporation Full timeCybersecurity Risk and Compliance Specialist In collaboration with the Manager of IT Compliance & Governance Security team, the Cybersecurity Risk and Compliance Specialist will play a vital role in enhancing the IT risk management framework at Domtar Corporation. This position involves the management of IT exceptions and conducting thorough assessments of...
-
Cybersecurity Risk and Compliance Specialist
4 weeks ago
Montreal, Quebec, Canada Domtar Full timeCybersecurity Risk and Compliance Specialist As a vital member of the IT Compliance & Governance Security team, the Cybersecurity Risk and Compliance Specialist will play a crucial role in enhancing the IT risk management practices at Domtar. This position involves the continuous improvement of the IT risk management framework, overseeing IT exceptions, and...
-
Cybersecurity Risk Management Specialist
4 weeks ago
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeKey ResponsibilitiesThe Risk Management Division plays a crucial role in the sustainable development of SGS Société Générale de Surveillance SA by leveraging its expertise in risk evaluation and management strategies. The primary objective of this department is to independently analyze, assess, manage, and monitor risk-taking activities to achieve...
-
Cybersecurity Risk Management Specialist
4 weeks ago
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeKey ResponsibilitiesThe Risk Management Division plays a crucial role in fostering the sustainable development of SGS Société Générale de Surveillance SA by leveraging its expertise in risk analysis and management methodologies. The primary mission of this division is to independently evaluate, monitor, and manage risk-taking activities to achieve...
-
Cybersecurity Risk Management Specialist
4 weeks ago
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeKey ResponsibilitiesThe Risk Management Division plays a crucial role in fostering the sustainable development of SGS Société Générale de Surveillance SA by leveraging its expertise in risk assessment and management methodologies. The primary objective of this department is to conduct independent evaluations, assessments, and monitoring of risk-related...
-
Montreal, Quebec, Canada Domtar Full timeCybersecurity Risk Management RoleDomtar is seeking a highly skilled Cybersecurity Risk Management professional to join our team. As a Cybersecurity Governance Risk and Compliance Specialist, you will play a critical role in maintaining and improving our IT/Security Risk Assessment Framework.Key Responsibilities:Maintain and improve an IT/Security Risk...
-
Montreal, Quebec, Canada Domtar Full timeCybersecurity Risk Management RoleDomtar is seeking a highly skilled Cybersecurity Risk Management professional to join our team. As a Cybersecurity Governance Risk and Compliance Specialist, you will play a critical role in maintaining and improving our IT/Security Risk Assessment Framework.Key Responsibilities:Maintain and improve an IT/Security Risk...
-
Operational Risk Manager
6 days ago
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeAbout the RoleThe Risk Management Department at SGS Société Générale de Surveillance SA is seeking a highly skilled Cybersecurity Risk Manager to join our team. As a key member of our organization, you will play a critical role in defining and implementing our 2nd line of defense processes, policies, and tools for our data and technology environments.Key...
-
Operational Risk Manager
7 days ago
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeAbout the RoleThe Risk Management Department at SGS Société Générale de Surveillance SA is seeking a highly skilled Cybersecurity Risk Manager to join our team. As a key member of our organization, you will play a critical role in defining and implementing our 2nd line of defense processes, policies, and tools for our data and technology environments.Key...
-
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeAbout the RoleWe are seeking a highly skilled Cybersecurity Risk Management Lead to join our team at SGS Société Générale de Surveillance SA. As a key member of our Risk Management Department, you will play a critical role in helping us achieve our goal of sustainable growth through effective risk management.Key ResponsibilitiesDevelop and Implement...
-
Operational Risk Manager
7 days ago
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeAbout the RoleThe Risk Management Department at SGS Société Générale de Surveillance SA is seeking a highly skilled Cybersecurity Risk Manager to join our team. As a key member of our organization, you will play a critical role in defining and implementing effective cybersecurity risk management processes, policies, and tools to protect our data and...
-
Operational Risk Manager
7 days ago
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeAbout the RoleThe Risk Management Department at SGS Société Générale de Surveillance SA is seeking a highly skilled Cybersecurity Risk Manager to join our team. As a key member of our organization, you will play a critical role in defining and implementing effective cybersecurity risk management processes, policies, and tools to protect our data and...
