Governance, Risk and Compliance Officer

**WHO WE ARE**
CFMWS. A job with purpose. Our 4000+ person strong organization champions a healthy, fun, creative and active lifestyle for Canadian Armed Forces members, Veterans and their families. Help us deliver a variety of recreation and fitness programs, offer family support, organize charity events and make sure our members access retail, travel and banking discounts and customized financial services. At Canadian Forces Morale and Welfare Services (CFMWS), we love what we do. And we live it too.
**THE ROLE**
As a Cyber Security Governance, Risk and Compliance (GRC) Officer, you ensure that the organization’s information systems are protected by completing technical control reviews and reporting on compliance. You will help maintain the highest standards of cyber security and regulatory compliance. You perform information risk assessments and provide guidance on industry best practices and alignment to standard cybersecurity frameworks. (ISO, NIST) You monitor and measure overall information security practices across the different technologies and processes. You will work with the team to update and design new information security policies.

The Cyber Security GRC Officer improves information security through security awareness programs, policies, guidelines and standards, as well as through the ongoing integration of information security within business strategies.

This is an expert role, working with a team, where you will exercise your knowledge and skills daily. If you are passionate about technology and want to be part of a team who is becoming the orchestrator of digital innovation, this is the opportunity for you.
**QUALIFICATIONS NEEDED** Education, Certifications and Licenses**

College diploma or certificate in Computer Science, Computer Systems Engineering or a related field

Certified Information System Security Professional (CISSP) certification or equivalent certification, an asset

**Experience**

Minimum 5 years of previous experience as senior GRC and/or audit role.

Experience in the IT field is not mandatory but highly desirable.

Reliability security clearance.

Develop, implement, and monitor cyber security protocols, policies, and procedures.

Monitor compliance with applicable laws, regulations, and internal policies.

Provide advice and guidance to the business on cyber security and compliance matters.

Ensure the accuracy of cyber security and other regulatory reports.

Lead investigations into potential cyber security and compliance issues (PCI)

Develop and maintain a comprehensive risk register.

Create and update technical documentation.

Perform comprehensive risk assessments.

Perform comprehensive software security assessments.

Write security policies, standards, and directives.

Weigh in on business risks and suggest appropriate information security measures.

Experience with Service Now, in particular the Integrated Risk Module, an asset.

Experience with PCI compliance an asset.

**Competencies**

Client focus, organizational knowledge, communication, innovation, teamwork and leadership

Self-starter who does not require lots of oversight and has a get-it-done attitude.

Ability to quickly pivot and change plan as required
**LANGUAGE REQUIREMENTS**
English or French Essential, Bilingual (English and French) an asset

Reading: Functional

Writing: Functional

Oral: Functional
**BENEFITS AVAILABLE** Health Benefits**: Drug coverage, healthcare spending account, virtual care (telemedicine), Employee and Family Assistance Program, mental health support, travel insurance, dental, vision, life insurance, disability insurance and accidental death and dismemberment coverage.

**Work Life Balance**: A wide range of paid/unpaid leave, including paid vacation, family related leave and personal days.

**Retirement Planning**: Group Savings Plans.

**Learning and Development**: Tuition Assistance Program and Advanced Learning Program, payment of professional association memberships, online learning opportunities and second language training.

**Perks**: Discounts through CF One Member Appreciation.
**OTHER INFORMATION**

You may be eligible to receive a Scarce Skills Premium.

This is a one-year term.

The selection process will be done virtually.
**START DATE**
As soon as possible.
**INCLUSION AND ACCOMMODATION**

Job Reference: CFMWS12227