Current jobs related to Lead Specialist, Security Grc - Montréal - Cogeco Communications Inc.

  • SAP Security/grc Consultant

    1 week ago

    Montréal, Canada Q1 Technologies Full time

    **Role**:SAP Security/GRC Consultant** **Duration: Fulltime** **Skills Required**: - Minimum 4-6 years of experience in Data migration - At least one end to end implementation experience to Implement Roles and Authorization - Have worked on SAP S/4 HANA GRC for Implementation / Support - Requirement Gathering - Should have a good command over Roles and...

  • SAP Security/grc Consultant

    1 week ago

    Montréal, Canada Q1 Technologies Full time

    Skills Required: - Minimum 4-6 years of experience in Data migration - At least one end to end implementation experience to Implement Roles and Authorization - Have worked on SAP S/4 HANA GRC for Implementation / Support - Requirement Gathering - Should have a good command over Roles and Authorization Management, Design and creation of Roles for an...

  • SAP Security/grc Consultant

    1 week ago

    Montréal, Canada Atlantis IT group Full time

    **Role: SAP Security/GRC Consultant** **Location**:MONTREAL,QUEBEC** **Duration - Long Term** Have worked on SAP S/4 HANA GRC for Implementation / Support Requirement Gathering Should have a good command over Roles and Authorization Management, Design and creation of Roles for an implementation Project. Experienced in Portal Security Management and...

  • SAP Grc/security Consultant

    1 week ago

    Montréal, Canada J&M Group Inc Full time

    Have worked on SAP S/4 HANA GRC for Implementation / Support **Have worked on SAP S/4 HANA GRC for Implementation / Support**: - Experience on Hyper cares **Job Types**: Full-time, Fixed term contract Contract length: 12 months Schedule: - 8 hour shift Ability to commute/relocate: - Montréal, QC: reliably commute or plan to relocate before starting...

  • Security Specialist

    2 weeks ago

    Montréal, Canada Ubisoft Full time

    **Company Description** Ubisoft’s 19,000 team members, working across more than 30 countries around the world, are bound by a common mission to enrich players’ lives with original and memorable gaming experiences. Their commitment and talent have brought to life many acclaimed franchises such as Assassin’s Creed, Far Cry, Watch Dogs, Just Dance,...

  • Application Security Specialist

    5 days ago

    Montréal, Canada Workleap Full time

    Company Description Workleap is an ecosystem of powerfully simple employee and digital experience software that helps modern workplaces have a greater impact— fast. Built for today’s leaders and their teams, Workleap products aim to make work really work by fostering engagement, performance, growth, and productivity within organizations. **Job...

  • Spécialiste Grc Avec Expertise Salesforce

    1 week ago

    Montréal, Canada Apside Full time

    **Missions**: - ** Évaluation et gestion des risques** liés à l'implémentation et l'exploitation de Salesforce, en utilisant des méthodologies GRC reconnues (ISO 27005, NIST). - ** Conception et déploiement de politiques de conformité** et de sécurité intégrées à la plateforme Salesforce, tout en garantissant l'alignement avec les normes...

  • Remote Cyber GRC Consultant

    3 days ago

    Montréal, Canada Malleum Full time

    A leading cybersecurity consultancy based in Canada is seeking a GRC Consultant to ensure clients meet cybersecurity standards. In this remote role, you will advise on best practices, develop work plans, and drive cybersecurity engagements to completion. Ideal candidates will have 5-8 years of experience in IT security and relevant certifications. This is an...

  • Testing Specialist

    4 weeks ago

    Montréal, QC, Canada Avanciers Inc. Full time

    Avanciers is a premier IT Staffing/Consulting organization and we are currently recruiting for a long term contract role for one of our premier client in Canada for IT Control Testing Specialist This is based in Montreal, QC, Canada (Hybrid) role and client is actively hiring for this position. Fluency in both spoken and written French is mandatory. Job...

  • Testing Specialist

    4 weeks ago

    Montréal, QC, Canada Avanciers Inc. Full time

    Avanciers is a premier IT Staffing/Consulting organization and we are currently recruiting for a long term contract role for one of our premier client in Canada for IT Control Testing Specialist This is based in Montreal, QC, Canada (Hybrid) role and client is actively hiring for this position. Fluency in both spoken and written French is mandatory. Job...

Lead Specialist, Security Grc

2 weeks ago

Montréal, Canada Cogeco Communications Inc. Full time

Our culture lifts you up—there is no ego in the way. Our common purpose? We all want to win for our customers. We aim to always be evolving, dynamic, and ambitious. We believe in the power of genuine connections. Each employee is a part of what makes us unique on the market: agile and dedicated.

Time Type:
Regular

Job Description:
Lead Specialist, Security GRC

As the Lead Specialist for Governance, Risk, and Compliance (GRC), you will operate as a senior individual contributor driving the maturity of our information security program. You will take ownership of critical GRC processes, including security and IT policy development, framework implementation, risk assessment, maintain a risk register, regulatory monitoring, audit management and reporting. A key component of this role is providing mentorship to junior analysts and directly contributing to the continuous improvement of the organization's overall security governance, risk posture and compliance.

KEY RESPONSIBILITIES

Strategic GRC Leadership & Program Management- Lead the development, review, and continuous improvement of information security policies, standards, baselines, and guidelines, ensuring they are comprehensive, enforceable, and strategically aligned.-
- Contribute to the development of the Information Security strategy and roadmap based on observed security gaps and evolving GRC requirements.- Provide expert guidance and interpretation of security policies and standards to IT teams, business units, and project teams.- Contribute to GRC program maturity assessments and the development of strategic improvement plans.

Advanced Risk Management & Influence-
- Develop detailed risk reports and mitigation strategies, articulating complex architectural risks clearly and influencing enterprise-level risk decisions by highlighting their potential business impact to executive stakeholders.- Produce and maintain comprehensive risk assessments for each business project.- Develop detailed risk reports and mitigation strategies, articulating technical risks clearly to both technical and non-technical stakeholders, including executive leadership.- Develop and manage the organization's Third-Party Risk Management (TPRM) program, including the establishment of processes for vendor risk assessment, due diligence, ongoing monitoring, and contract management from a risk perspective.- Develop detailed risk treatment plans and provide actionable recommendations for risk mitigation, working closely with asset owners and technical teams to ensure effective implementation.- Maintain and enhance the security risk register, ensuring accurate tracking of risks, controls, and mitigation progress.

Compliance & Audit Management- Oversee the lifecycle of security exception and approval requests, ensuring thorough documentation, appropriate routing, tracking, timely resolution, and actively contributing to the development and enforcement of exception policies and standards, providing guidance to requestors and approvers.- Manage and coordinate responses to internal and external security audits (e.g., SOC 2, ISO 27001, PCI DSS, regulatory exams), acting as a primary liaison with auditors and facilitating evidence collection.- Oversee the tracking, remediation, and validation of audit findings and non-conformities, working with responsible teams to ensure timely and effective closure.- Drive compliance initiatives for relevant laws and regulations such as PIPEDA, US and Canadian Privacy laws, and other industry-specific mandates.- Develop and deliver comprehensive compliance reports to management and other stakeholders.

GRC Tooling & Automation- Optimize the utilization of the GRC management solution to enhance automation, streamline workflows, and improve reporting capabilities for risk, compliance, and policy management.- Track the effectiveness of GRC initiatives and identify areas for improvement; collaborating with technical teams to implement solutions.- Develop and maintain complex dashboards and reports within the GRC tool to provide real-time insights into the organization's GRC posture.

Mentorship & Collaboration- Provide mentorship and guidance to junior GRC analysts, assisting in their professional development and the execution of their tasks, fostering a collaborative team environment.- Collaborate extensively with cross-functional teams including IT, Legal, Internal Audit, Privacy, and various business units to embed GRC principles into daily operations.- Communicate complex GRC concepts and findings clearly and concisely to diverse audiences, from technical staff to senior management.

ACADEMIC TRAINING- Bachelor's degree in Information Security, Business Administration, or a related field (or equivalent practical experience).- Preferred certifications: CISA, CRISC, CISSP, or other GRC-related.

SPECIFIC COMPETENCIES-
- Excellent written and verbal communication skills, with the ability to effectively communicate risk and compliance concepts to vari