Governance, Risk
7 days ago
About Us
We are a premier cybersecurity consultancy, blending advanced offensive and defensive strategies to safeguard our customers.
With a team known for its contributions to cybersecurity research at platforms like Black Hat and DEF CON, we excel at identifying and mitigating sophisticated threats. Large enterprises from a range of industries trust us for advanced adversarial emulation and for critical support in managing their cyber frameworks. Governments trust us with classified projects, relying on our precision and discretion to handle sensitive information securely.
We're a small group that makes a big impact. Our deep technical expertise and our commitment to clients continues to fuel our success, and with success comes growth – we're currently searching for a GRC Consultant with a strong cybersecurity consulting background…
Role Profile
In this position your mandate is to ensure that our clients meet the stringent cybersecurity standards set by regulatory bodies in their industries and jurisdictions. Working remotely, you'll advise clients on best practices, develop work plans, harness resources, and ultimately drive engagements to completion.
This is a challenging role, but also an outstanding opportunity to join an accelerating startup in a position that's crucial to the company's continued success.
Key Responsibilities
- Provide guidance and support to client organizations throughout their cybersecurity maturity journey, helping them to build robust cybersecurity roadmaps.
- Work with clients to design and implement right-sized cybersecurity controls in line with global industry, sector, and regulatory frameworks and standards.
- Collaborate with clients' teams to develop and implement risk treatment methodologies and plans necessary to achieve and maintain their program compliance.
- Clearly articulate cybersecurity requirements to client organizations' employees of all levels to ensure understanding and senior leadership sponsorship.
- Assist organizations with the review and update of existing security policies and procedures to align with evolving requirements and best practices in cybersecurity.
- Prepare detailed reports on the status of an organization's cybersecurity compliance. Prepare and deliver thoughtful, insightful, and professional presentations to clients and internal Malleum stakeholders.
- Keep abreast of the latest cybersecurity threats and trends, as well as updates to the relevant industry standards such as the CMMC framework.
- Achieve utilization targets, complete projects on time and budget, and meet quality standards.
- Study, learn, test, document, execute and seek to continuously improve scalable consulting services processes to effectively deliver customer engagements while achieving a high level of customer satisfaction.
- Execute project planning, scheduling, and other coordination of internal and client resources to conduct interviews, meetings, and presentations.
- Develop a thorough understanding of our solution and service offerings, sales process, marketing materials, contract and statement of work (SOW) structure, methodologies, delivery standards, work tools, and processes.
- Pursue additional education and stay current on best practices, technical skills, and tools related to the position's duties.
We're looking for a star. As an ideal candidate you're a natural consultant: driven, highly organized, autonomous and analytical, with outstanding communication and interpersonal skills, and the ability to quickly establish your credibility and build trusting relationships with clients.
You thrive under pressure, you learn fast, and your expertise stretches beyond typical GRC work into the implementation of cybersecurity controls to support clients' continuous improvement efforts.
It is essential that you fulfill the requirements to acquire a SECRET level II security clearance.
Key Qualifications
- Post-secondary education in information technology, computer science, or equivalent combination of education and experience.
- 5-8 years of experience in IT security, risk management, or compliance.
- Current certification as a Registered Practitioner Advanced (RPA) or Registered Practitioner (RP) is an asset. The ability to achieve a Registered Practitioner (RP) credential under the CMMC version 2.0 framework is essential.
- In-depth knowledge of the CMMC framework, NIST SP , and DFARS regulations.
- Relevant professional certifications such as CISSP, CRISC, CISA, CISM, coupled with advanced knowledge of a range of cybersecurity technologies and solutions.
- Skilled and experienced in managing projects and leading consulting engagements, with a record of delivering exceptional value to clients.
- Experience with cybersecurity systems and infrastructure design and configuration is a significant asset.
- Superior communication and presentation skills with the ability to explain complex security concepts to non-technical staff.
- Exceptional client-service orientation, with the ability to build trust and develop rapport with a broad range of client stakeholders, including Defense Industrial Base compliance and information system professionals.
- Independent and autonomous, with the drive to seek out and leverage internal resources as needed, and proactively take ownership of their work and career development.
- Excellent analysis and problem-solving skills, especially in the information systems, security, and privacy space.
- Ability to learn new subject matter and context quickly and to maintain market and subject matter awareness.
- Ability to understand SOWs, customer proposals, project notes, deliverables, and final reports; assimilate previous experience, relevant subject matter, data, facts, and results; and develop relevant questions of colleagues to hasten understanding scenarios, methodologies, processes, and "lessons learned."
-
Governance, Risk, and Compliance
2 weeks ago
Remote, Canada Wellstar Full timeWho we areAt WELLSTAR, we are committed to reshaping Canadian healthcare by leveraging technology to address the administrative burdens that pull physicians away from their true calling—patient care. Our mission is focused on supporting providers and patients, shifting the emphasis back to quality, time, and positive outcomes. With a comprehensive suite of...
-
Governance, Risk, and Compliance
7 days ago
Remote, Canada Wellstar Health System Full timeWho we areAt WELLSTAR, we are committed to reshaping Canadian healthcare by leveraging technology to address the administrative burdens that pull physicians away from their true calling—patient care. Our mission is focused on supporting providers and patients, shifting the emphasis back to quality, time, and positive outcomes. With a comprehensive suite of...
-
AI Risk
5 days ago
Remote, Canada Safe Computing Full timeRole OverviewWe are seeking an AI Risk & Compliance Specialist to oversee, implement, and maintain our organization's AI governance, risk management, and compliance programs. This role is critical to ensuring that AI systems are used responsibly, ethically, and in alignment with regulatory and organizational requirements.The ideal candidate will serve as the...
-
Manager Data Governance
2 days ago
Remote, Canada VON Canada Full timeDescription Position at VON Canada Requisition Details: Employment Status: Regular, Full-time (1.0 FTE) Program Name: IT/ISNumber of Hours Bi-Weekly: 75 Work Schedule: DaysOn-Call: NoExisting Vacancy: Yes - we're currently hiring candidates for an existing vacancy in this position. Job Summary: The Manager, Data Governance and Reporting plays a...
-
Remote, Canada Maplesoft Group Full timeTitleSenior IT Security Threat and Risk Assessment AnalystLocationRemote, within CanadaStart Date LanguageEnglishSalaryNegotiableSecurity ClearanceEnhanced Reliability ClearanceDuration4 MonthsDate Posted Job ID14032Recruiter EmailMaplesoft Group is currently seeking a Remote Senior IT Security Threat and Risk Assessment Analyst for our Federal Government...
-
Manager, Enterprise Risk Management
2 days ago
Remote, Canada BRIM Full timeCompany OverviewBrim Financial is one the fastest growing enterprise technology companies, according to Deloitte's Technology Fast 50 in North America. Brim's Credit-Card-as-a-Service has been recognized as best-in-class for product capabilities by Aite-Novarica Group in their analysis of global Credit-Card-as-a-Service providers. Brim's robust platform and...
-
Privacy Governance Manager
2 days ago
Remote - Alberta, Canada Twilio Full timeSee yourself at Twilio Join the team as our next Privacy Governance Manager. About the job This position is needed to support the Privacy Governance Team and report to the Director of Privacy Governance within the Legal organization. Your role will provide integral support to the Privacy team, helping them stay on track with company priorities. You will...
-
Manager, Head of Risk Standards
2 days ago
Remote, US or Canada Stripe Full timeWho we are About StripeStripe is a financial infrastructure platform for businesses. Millions of companies - from the world's largest enterprises to the most ambitious startups - use Stripe to accept payments, grow their revenue, and accelerate new business opportunities. Our mission is to increase the GDP of the internet, and we have a staggering amount of...
-
SAP Process
2 days ago
Remote, Canada Excelgens Full timeJob Title: Senior SAP Process & Governance ConsultantDuration: 3-6 Months (Possibility of extension)Work Mode: RemoteJob Summary:We are looking for a senior SAP professional with strong experience in SAP process implementation, controls design and mitigation, and governance frameworks. The role will focus on ensuring compliant, well-controlled SAP business...
-
Cyber Security Project Manager
1 week ago
Remote, Canada Compest Solutions Inc Full time**Job title : Cyber Security Project Manager** **Work Location: Remote in Canada **should be able to work in the EST time zone **Position Type - Fulltime Contract** **R**ate CAD$40 -45/hr on Inc Exp - 12+ YEARS Project Manager: PMP Certified Leads assigned projects from project initiation to implementation to achieve desired business results. Ensures...
