Auditor, Information Security Compliance

**The role: Auditor, Information Security Compliance**

As a member of the Compliance team within the Information Security group, you will be instrumental in ensuring that Vancity has effective internal information security and system controls, as well as robust test procedures and documentation to support internal and external audits.

Vancity promotes a positive work/life balance and places an emphasis on the importance of mental health. Vancity is also committed to creating a welcoming, inclusive workplace and diversity is integral to this commitment. We offer an excellent benefits package that includes 4 weeks paid vacation, overall health, and dental benefits as well as a 35-hour work week. These are just some of the many advantages of working at Vancity.

**In this role, you will**:

- Develop internal controls and test procedures to audit the related processes to ensure the operating effectiveness of these controls.
- Develop and maintain robust documentation to support audit procedures.
- Coordinate remediation efforts as required.
- Participate in internal information security compliance audits with the Vancity Enterprise Risk. Management team, IT Solutions Risk team, and various internal teams.
- Prepare and submit IS Controls’ compliance-related internal and external reports.
- Perform internal risk audits and provide context on findings.
- Perform other duties as assigned.

**As an individual contributor you are accountable for**:

- Your personal outputs and working behaviors.
- Continuous process improvement and enhancement.
- Working independently, taking initiative, and completing the task at hand with mínimal direction
- Contributing to a safe and respectful environment.

**You are**:

- **A Strong Communicator**:

- you use your strong communication and interpersonal skills to create clear understanding of expectations; address challenges and issues to multiple stakeholders within the organization which fosters a healthy and transparent environment.
- **Organized & Systematic**- Your planning and coordination skills enable you develop solid operating plans, processes, methods and standards, and help coordinate delivery of critical information in a timely manner within the Organization.
- **Analytical & Decisive**:

- with your strong problem solving and decision-making skills, you can diagnose challenges and issues; develop innovative investigative solutions; and to assess risks and opportunities that may affect the Organization.
- **Self-Motivated**- you are a self-motivated and inquisitive individual that takes initiative to follow through and deliver results without continuous supervision.
- **Team Player **- Actively participates. Encourages co-operation. Aware of the needs of others and responds flexibly. Shares information and supports other team members. You like working with others and consider it an important element of success.

**You have**:

- 2 -5 years working experience preferably in the big four audit and assurance firms
- A solid understanding of relevant cyber security policies and procedures.
- Prior working knowledge in testing SOC1, SOC2 and ISO 27001 controls and procedures.
- Prior experience in auditing information security and technology controls and processes in a financial institution would be a big plus
- Familiar with NIST, OSFI, PCI DSS, SWIFT and other standards and regulations
- An undergraduate degree (preferably in Cyber Security, Computer Science, Engineering, or highly related field)
- A solid understanding of information security controls., test procedures and, documentation.
- A willingness to work in a highly flexible environment with multiple competing priorities.
- Good multi-tasking skills and the ability to prioritize work based on risk and business needs

**Bonus point(s)**:

- Experience in IT, Audit, Information Security, or a combination of these
- Information Security related certifications and training such as CISA and CISM
- Prior experience and knowledge with Microsoft Azure Cloud environment

**The team**: The Auditor, Information Security Compliance reports directly to the Sr. Manager, Information Security Compliance

**About Vancity**:

- When you join Vancity as an employee and a member, you join a movement that believes that when we use money for what’s right, we truly are a financial force for change.
- Our vision is a transformed economy that protects the earth and guarantees equity for all.
- We are the largest private-sector Living Wage Employer in Canada and have been consistently recognized as one of the Top Employers in Canada. Come join our team of 2,600 diverse individuals and access competitive rewards & benefits, all while knowing you are a part of a greater movement.
- Start your Vancity career journey with us even if you’re new to financial services We provide in-house paid training to gain general financial knowledge, and to learn about our products & services. We encourage opportunities to learn & develop to pre