Cybersecurity Risk and Compliance Specialist
2 months ago
In collaboration with the Manager of IT Compliance & Governance Security team, the Cybersecurity Risk and Compliance Specialist will play a vital role in enhancing the IT risk management framework at Domtar Corporation. This position involves the management of IT exceptions and conducting thorough assessments of third-party vendor risks.
The specialist will engage in both Business and IT initiatives, working alongside IT operations teams to evaluate risks and propose effective risk mitigation strategies.
IT/Security Risk Assessment Framework
- Continuously enhance the IT/Security Risk Assessment Framework.
- Document IT security risks and mitigating controls, presenting findings to risk owners for informed decision-making.
- Collaborate with the IT compliance team to ensure that compensating controls are effectively implemented.
- Maintain the IT risk register throughout the lifecycle of IT risks.
Third-Party Vendor Security Assessment
- Develop and refine the methodology for assessing third-party vendors.
- Conduct security posture assessments for third-party and cloud vendors, documenting results and presenting them to business stakeholders.
- Review third-party contracts for IT security and data privacy clauses, collaborating with IT Procurement and Legal teams.
- Provide cybersecurity-related vendor selection services to assist business units during the RFP process.
Document IT exceptions, validate requests from exception owners, and seek necessary approvals from Cybersecurity management.
Risk assessments will be documented as required.
Project Advisory
- Offer advisory services for Business and IT projects concerning IT risk to ensure risk management activities are integrated throughout the project lifecycle. Occasionally, support the project security advisory team in documenting security requirements and controls.
Risk Management KPIs and KRIs
- Generate and report IT risk management KPIs and KRIs on a monthly basis.
Qualifications:
- Bachelor’s degree or a minimum of 5 years of professional experience in Cybersecurity.
- At least 8 years of experience in security governance, risk, and compliance (GRC).
- Possession of security-related certifications such as CISSP, CISM, CSSP, or similar is considered an asset.
- Practical experience with IT Risk management frameworks and conducting IT Risk assessments during projects and security operations.
- Hands-on experience with security controls and risk mitigation measures.
- Experience in assessing third-party vendor risks and reviewing security and IT controls documentation provided by third parties, including knowledge in identity and access management, network security, cloud security, cryptography, web security, and operating system security.
- Familiarity with project life cycles, particularly in security risk analysis and systems integration.
- Strong ability to influence and engage with senior management.
- Experience working in a decentralized environment (both technical and process-related).
- Excellent written and verbal communication skills in English and French are a strong asset.
Benefits:
- Hybrid remote work with flexible hours.
- Comprehensive insurance plan (life, medical, dental).
- Pension plan with matching contributions from the company.
Domtar Corporation is a diversified manufacturer of pulp and paper products, including printing and writing, packaging, and specialty papers. We are committed to the sustainable use of wood-based products in global markets and have established a robust network of mills and chipping plants to produce competitively.
Through our distinct approach to operational excellence, we deliver high-quality and cost-effective products to our international clientele. Domtar is an equal-opportunity employer, and we welcome applications from all qualified individuals.
We are dedicated to providing reasonable accommodations for individuals protected by applicable laws.
-
Montreal, Quebec, Canada Transat A.T Inc. Full timeCybersecurity Specialist, Governance, Risks and ComplianceAt Transat A.T Inc., we are seeking a highly skilled Cybersecurity Specialist to join our Governance, Risks and Compliance team. As a key member of our team, you will play a critical role in helping us meet our compliance requirements and identify and monitor business risks.Key Responsibilities:Assess...
-
Montreal, Quebec, Canada Transat A.T Inc. Full timeCybersecurity Specialist, Governance, Risks and ComplianceAt Transat A.T Inc., we are seeking a highly skilled Cybersecurity Specialist to join our Governance, Risks and Compliance team. As a key member of our team, you will play a critical role in helping us meet our compliance requirements and identify and monitor business risks.Key Responsibilities:Assess...
-
Montreal, Quebec, Canada Transat A.T Inc. Full timeCybersecurity Specialist, Governance, Risks and ComplianceOur mission at Transat A.T Inc. is to be the preferred airline of our customers and our team.We value open-mindedness, concern for others, intelligence at work, and a healthy dose of fun to achieve great things every day.As part of our GRC cybersecurity team, you will work closely with all business...
-
Montreal, Quebec, Canada Transat AT Full timeCybersecurity Specialist, Governance, Risks and ComplianceTransat AT is a leading international tour operator with a strong presence in over 50 countries.Our mission is to deliver exceptional customer experiences and to be the preferred airline of our customers and team members. We achieve this by fostering a culture of open-mindedness, respect, and...
-
Montreal, Quebec, Canada Transat AT Full timeCybersecurity Specialist, Governance, Risks and ComplianceTransat AT is a leading international tour operator with a strong presence in over 50 countries.Our mission is to deliver exceptional customer experiences and to be the preferred airline of our customers and team members. We achieve this by fostering a culture of open-mindedness, respect, and...
-
Montreal, Quebec, Canada Transat A.T Inc. Full timeCybersecurity Specialist, Governance, Risks and ComplianceTransat A.T Inc. is seeking a highly skilled Cybersecurity Specialist, Governance, Risks and Compliance to join our team. As a key member of our GRC cybersecurity team, you will play a critical role in helping us meet our compliance requirements and identify and monitor business risks.Key...
-
Cybersecurity Risk Management Specialist
2 months ago
Montreal, Quebec, Canada Domtar Corporation Full timeCybersecurity Risk Management SpecialistDomtar Corporation is seeking a highly skilled Cybersecurity Risk Management Specialist to join our team. As a key member of our IT Compliance & Governance Security team, you will play a critical role in maintaining and improving our IT risk management framework, managing IT exceptions, and performing 3rd party vendor...
-
Cybersecurity Risk Management Specialist
2 months ago
Montreal, Quebec, Canada Domtar Corporation Full timeCybersecurity Risk Management SpecialistDomtar Corporation is seeking a highly skilled Cybersecurity Risk Management Specialist to join our team. As a key member of our IT Compliance & Governance Security team, you will play a critical role in maintaining and improving our IT risk management framework, managing IT exceptions, and performing 3rd party vendor...
-
Montreal, Quebec, Canada Transat AT Full timeCybersecurity and Compliance ExpertTransat AT is an integrated international tour operator with a strong commitment to sustainability and customer satisfaction.We are seeking a highly skilled Cybersecurity and Compliance Expert to join our team. As a key member of our Governance, Risks and Compliance (GRC) team, you will play a critical role in ensuring the...
-
Cybersecurity Risk Management Specialist
1 week ago
Montreal, Quebec, Canada Produits forestiers Résolu Full timeCybersecurity Risk Management SpecialistAbout ResoluteResolute Forest Products is a leading global player in the forest products industry, with a rich history spanning over two centuries. The company has built a strong foundation through the acquisition of more than 20 predecessor companies, supporting hundreds of communities along the way. With a presence...
-
Cybersecurity Governance and Risk Expert
17 hours ago
Montreal, Quebec, Canada Transat AT Full timeCybersecurity Specialist, Governance, Risks and ComplianceJob DescriptionAs a key member of the GRC cybersecurity team at Transat AT, you will collaborate closely with business units to ensure the company meets its compliance requirements. Your role will involve identifying and monitoring various business risks that may impact the organization.You will play...
-
Cybersecurity Governance Specialist
4 weeks ago
Montreal, Quebec, Canada Transat AT Full timeCybersecurity Specialist RoleTransat AT is seeking a highly skilled Cybersecurity Specialist to join its Governance, Risks and Compliance team.The ideal candidate will have a strong background in cybersecurity and risk management, with a minimum of 8 years of experience in the field.The Cybersecurity Specialist will work closely with all business units to...
-
Cybersecurity Governance Specialist
4 weeks ago
Montreal, Quebec, Canada Transat AT Full timeCybersecurity Specialist RoleTransat AT is seeking a highly skilled Cybersecurity Specialist to join its Governance, Risks and Compliance team.The ideal candidate will have a strong background in cybersecurity and risk management, with a minimum of 8 years of experience in the field.The Cybersecurity Specialist will work closely with all business units to...
-
Cybersecurity Risk Management Specialist
2 weeks ago
Montreal, Quebec, Canada Produits forestiers Résolu Full timeAt Produits forestiers Résolu, we are seeking a highly skilled Cybersecurity Risk Management Specialist to join our team. This role will be responsible for maintaining and improving our IT risk management framework, managing IT exceptions, and performing 3rd party vendor risk assessments.Key Responsibilities:Maintain and improve the IT risk management...
-
Cybersecurity Risk Management Specialist
3 weeks ago
Montreal, Quebec, Canada Domtar Corporation Full timeCybersecurity Risk Management RoleAs a Cybersecurity Risk Management Specialist at Domtar Corporation, you will play a crucial part in maintaining and improving the IT risk management framework. This involves managing IT exceptions, performing 3rd party vendor risk assessments, and contributing to the IT risk management practice. You will work closely with...
-
Cybersecurity Risk Management Specialist
3 weeks ago
Montreal, Quebec, Canada Domtar Corporation Full timeCybersecurity Risk Management RoleAs a Cybersecurity Risk Management Specialist at Domtar Corporation, you will play a crucial part in maintaining and improving the IT risk management framework. This involves managing IT exceptions, performing 3rd party vendor risk assessments, and contributing to the IT risk management practice. You will work closely with...
-
Cybersecurity Risk Management Specialist
2 months ago
Montreal, Quebec, Canada Domtar Corporation Full timeCybersecurity Risk Management SpecialistIn collaboration with the IT Compliance & Governance Security team, the Cybersecurity Risk Management Specialist will play a vital role in enhancing the IT risk management practices at Domtar Corporation. This role involves the ongoing maintenance and enhancement of the IT risk management framework, overseeing IT...
-
Cybersecurity Risk Management Specialist
2 months ago
Montreal, Quebec, Canada Domtar Corporation Full timeCybersecurity Risk Management SpecialistIn collaboration with the IT Compliance & Governance Security team, the Cybersecurity Risk Management Specialist will play a vital role in enhancing the IT risk management strategy at Domtar Corporation. This position involves refining the IT risk management framework, overseeing IT exceptions, and conducting...
-
Cybersecurity Risk Management Specialist
3 months ago
Montreal, Quebec, Canada Domtar Corporation Full timeCybersecurity Risk Management SpecialistIn collaboration with the IT Compliance & Governance Security team, the Cybersecurity Risk Management Specialist will play a vital role in enhancing the IT risk management strategy at Domtar Corporation. This position involves refining the IT risk management framework, overseeing IT exceptions, and conducting...
-
Cybersecurity Risk Management Specialist
3 months ago
Montreal, Quebec, Canada Domtar Corporation Full timeCybersecurity Risk Management SpecialistIn collaboration with the IT Compliance & Governance Security team, the Cybersecurity Risk Management Specialist will play a vital role in enhancing the IT risk management practices at Domtar Corporation. This role involves the ongoing maintenance and enhancement of the IT risk management framework, overseeing IT...
