Cybersecurity Risk Analyst
4 months ago
Resolute Forest Products, founded more than two centuries ago, is a global leader in the forest products industry. Through the years, it has built more than 20 predecessor companies and supported hundreds of communities.
The company owns or operates some 40 facilities, as well as power generation assets, in the United States and Canada. Our 6,600+ employees work hard to produce quality market pulp, tissue, wood products and papers that are marketed in over 60 countries.
Resolute offers a rewarding and safe work environment with opportunities and challenges that will help grow your skills.
The location in Montreal, (Quebec, Canada), is seeking talent to fill the position of Cybersecurity Risk Analyst . This job is full-time permanent.
By supporting the Manager of IT Compliance & Governance Security team, he/she will contribute the to IT risk management practice at Paper Excellence Group by maintaining and improving the IT risk management framework, manage IT exceptions and perform 3rd party vendor risk assessments. The resource will also participate to Business and IT projects and work with IT operation teams to assess risks and provide risk mitigation recommendations.
IT/Security Risk Assessment Framework
• Maintain and improve an IT/Security Risk Assessment Framework
• Document IT security risk, mitigating controls and present them to risk owner for decision taking.
• Coordinate with IT compliance team to ensure compensating controls have been put in place.
• Maintain the IT risk register through out IT risks lifecycle.
• Perform Privacy Impact Assessments (PIA).
3rd party vendors security assessment
• Maintain and improve 3rd party vendors assessment methodology.
• Perform 3rd party and cloud vendor security posture assessment, document the assessment and present the results to business owners.
• Review 3rd party contracts for IT security and data privacy related clauses and work in collaboration with IT Procurement and Legal teams.
• Maintain the Cloud vendor register.
• Provide vendor selection services for cybersecurity aspects to help business units select a vendor as part of RFP process.
IT Exception Handling Process
• Manage and maintain the IT Exception Handling Process.
• Document IT Exceptions, validate the needs from exception requestors and owner, seek exception approval from Cybersecurity management.
• Document risk assessment as needed.
• Maintain the IT Exceptions register and follow-up on approved exceptions.
Project advisory
• Provide project advisory services to Business and IT projects on IT risk matters to ensure risk management activities during project’s lifecycle. Occasionally provide support to project security advisory team to document project security requirements and controls to implement.
Risk management KPI and KRI
• Produce and report IT risk management KPI and KRI on a monthly basis.
Required Qualifications/Professional Experiences
• Bachelor degree or 5 years of professional experience in Cybersecurity;
• Minimum of 8 years’ experience of security governance, risk and compliance (GRC);
• Holds security related certifications such as CISSP, CISM, CSSP or similar an considered an asset;
Preferred Qualifications/Professional Experiences/Years of Experience:
• Practical experience with implementing and/or working with IT Risk management frameworks;
• Practical experience with performing IT Risk assessment during projects and as part of security operations;
• Practical experience with security controls and risk mitigation measures implementation.
• Practical experience by assessing 3rd party vendor risks and reviewing security and IT controls related assurances documentation provided by 3rd parties (e.g., ISO 27001 certifications, SSAE-16/18, SOC1, SOC2, etc...);
• Practical experience with managing an IT exception handling process;
• Hands-on experience and good knowledge in topics such as: identity and access management, network security, Cloud security, cryptography, web security, next generation security solutions and operating system security; and
• Experience with project life cycles, particularly security risk analysis, solutions design and broad systems integration.
Critical Competencies (Leadership, Technical, Innovation and Work Complexity):
• Great organizational and analytical skills;
• Able to vulgarize, ease in expressing ideas, influence others, challenge ideas and be convincing;
• Excellent interpersonal skills to be able to interact at all levels;
• Ability to influence and engage with senior management;
• Ability to quickly adapt to changing priorities and demands;
• Worked in a decentralized environment (both technical and processes);
• Experience in an information security (application and/or infrastructure) role in an enterprise environment;
• Structured and autonomous person;
• You have the ability to work well on a collaborative team and influence others without direct authority;
• Excellent written (documentation) and verbal communication skills (English & French).
What we are offering
Competitive salary and annual bonus
At least three weeks of vacation and three floating holidays a year from the first day of work, depending on your experience
Full range of group insurance from the first day of work
Telemedicine services
Defined-contribution pension plan with generous employer participation from the first day of work
Employee and family assistance program
Education assistance program
Health club reimbursement program
Hybrid workplace: in-person and remote work
Work environment based on respect, inclusion and diversity
Office accessible by public transit
Since January 1, 2022, we have occupied new state-of-the-art, open-concept, collaborative offices at 1010 De La Gauchetière Street West (Bonaventure metro station).
Resolute is firmly committed to placing greater emphasis on the principles of equity, diversity and inclusion to empower all employees to reach their full potential. We form a dynamic team whose diverse backgrounds and wealth of perspectives are one of the keys to our success. We offer an inclusive, rewarding and safe work environment with opportunities that will help grow your skills.
Four core values influence everything we do at Resolute and help ensure our continued growth and success:
Work safely
Be accountable
Ensure sustainability
Succeed together
Consult the Resolute Blog and follow us on LinkedIn, Instagram and Twitter to learn more about our company.
Resolute Forest Products is committed to the principles of employment equity.
#LI-Hybrid
20476
[[titleNOC]]
Information Technology
-
Cybersecurity Risk Analyst
1 month ago
Montreal, Canada Produits forestiers Résolu Full timeResolute Forest Products, founded more than two centuries ago, is a global leader in the forest products industry. Through the years, it has built more than 20 predecessor companies and supported hundreds of communities. The company owns or operates some 40 facilities, as well as power generation assets, in the United States and Canada. Our 6,600+ employees...
-
Cybersecurity Risk Analyst
1 month ago
Montreal, Canada Produits forestiers Résolu Full timeResolute Forest Products, founded more than two centuries ago, is a global leader in the forest products industry. Through the years, it has built more than 20 predecessor companies and supported hundreds of communities.The company owns or operates some 40 facilities, as well as power generation assets, in the United States and Canada. Our 6,600+ employees...
-
Cybersecurity Risk Analyst
3 months ago
Montreal, Canada Produits forestiers Résolu Full timeResolute Forest Products, founded more than two centuries ago, is a global leader in the forest products industry. Through the years, it has built more than 20 predecessor companies and supported hundreds of communities.The company owns or operates some 40 facilities, as well as power generation assets, in the United States and Canada. Our 6,600+ employees...
-
Senior Cybersecurity Risk Analyst
1 week ago
Montreal, Canada QUANTEAM Full timeCybersecurity Role in a Leading BankQuanteam, as the founding entity of RAINBOW PARTNERS, is a consulting firm specializing in Banking, Finance, and Financial Services. Our team of expert consultants collaborates across 10 international offices to deliver high-quality services to our clients.We are seeking a Cybersecurity Analyst to work with one of our...
-
Cybersecurity Risk Analyst
4 months ago
Montreal, Quebec, G4F, CA Produits forestiers Résolu Full timeResolute Forest Products, founded more than two centuries ago, is a global leader in the forest products industry. Through the years, it has built more than 20 predecessor companies and supported hundreds of communities. The company owns or operates some 40 facilities, as well as power generation assets, in the United States and Canada. Our 6,600+...
-
Cybersecurity Risk Manager
2 weeks ago
Montreal, Canada QUANTEAM Full timeAbout the PositionWe are seeking an experienced Cybersecurity Analyst to join our team in Montreal. This role aims to enhance the security framework of an international bank by conducting thorough security assessments, managing vendor relationships, and mitigating risks across applications and cloud environments.Key ResponsibilitiesConduct risk-based...
-
Cybersecurity Analyst for International Banking
2 weeks ago
Montreal, Quebec, Canada QUANTEAM (Groupe RAINBOW PARTNERS) Full timeJob OverviewWe are seeking a skilled Cybersecurity Analyst to enhance the security framework of an international bank based in Montreal. The ideal candidate will possess strong technical skills, experience in information security, and a proactive approach to managing security risks.
-
Operational Risk Manager – Cybersecurity Risks
4 months ago
Montreal, Canada SGS Société Générale de Surveillance SA Full timeResponsibilitiesThe Risk Management Department contributes to the sustainable growth of the Societe Generale group through its expertise, understanding of risks, and risk management techniques. The department’s mission is to independently analyze, assess, manage, and monitor risk-taking activities with the objective of achieving, together with the first...
-
Operational Risk Manager – Cybersecurity Risks
4 months ago
Montreal, Canada SGS Société Générale de Surveillance SA Full timeResponsibilitiesThe Risk Management Department contributes to the sustainable growth of the Societe Generale group through its expertise, understanding of risks, and risk management techniques. The department’s mission is to independently analyze, assess, manage, and monitor risk-taking activities with the objective of achieving, together with the first...
-
Operational Risk Manager – Cybersecurity Risks
1 month ago
Montreal, Canada Société Générale Assurances Full timeOperational Risk Manager – Cybersecurity Risks Innovation / Project / Organization Permanent contract Montreal, Quebec, Canada Reference 24000KQR Start date Immediately Publication date 2024/08/16 Responsibilities The Risk Management Department contributes to the sustainable growth of the Societe Generale group through its expertise,...
-
Operational Risk Manager – Cybersecurity Risks
4 months ago
Montreal, Canada SGS Société Générale de Surveillance SA Full timeResponsibilitiesThe Risk Management Department contributes to the sustainable growth of the Societe Generale group through its expertise, understanding of risks, and risk management techniques. The department’s mission is to independently analyze, assess, manage and monitor risk-taking activities with the objective of achieving, together with the first...
-
Cybersecurity Risk Management Expert
1 week ago
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeAbout the RoleWe are seeking a highly skilled Cybersecurity Risk Manager to join our team at SGS Société Générale de Surveillance SA. This is an exciting opportunity for a professional with expertise in cybersecurity risk management to contribute to our organization's success.Job DescriptionThe Cybersecurity Risk Manager will be responsible for...
-
Cybersecurity Risk Management Expert
2 weeks ago
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeCybersecurity Risk Management ExpertWe are seeking a highly skilled Cybersecurity Risk Management Expert to join our team at SGS Société Générale de Surveillance SA. The ideal candidate will have a strong background in cybersecurity risk management, with experience in assessing and mitigating risks associated with data and technology environments.About...
-
Cybersecurity Risk Management Specialist
2 weeks ago
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeAbout the JobAt SGS Société Générale de Surveillance SA, we are seeking a highly skilled Cybersecurity Risk Manager to join our team in the Americas Region. This role is responsible for evaluating overall cybersecurity risk, maintaining an active view, and reporting on actual, mitigated, and residual cybersecurity risk in the organization.The successful...
-
Data Cybersecurity Risk Manager
2 weeks ago
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeAbout the JobWe are seeking a highly skilled Data Cybersecurity Risk Manager to join our team at SGS Société Générale de Surveillance SA. This role is responsible for evaluating overall cybersecurity risk, maintaining an active view, and reporting on the actual, mitigated, and residual cybersecurity risk in the organization.
-
Cybersecurity Risk Management Lead
2 weeks ago
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeAbout the RoleWe are seeking a highly skilled Cybersecurity Risk Management Lead to join our team at SGS Société Générale de Surveillance SA. In this role, you will be responsible for evaluating overall cybersecurity risk, maintaining an active view, and reporting on actual, mitigated, and residual cybersecurity risk in the organization.Key...
-
Senior Cybersecurity Risk Strategist
2 weeks ago
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeAbout the RoleWe are seeking a highly skilled Senior Cybersecurity Risk Strategist to join our team at SGS Société Générale de Surveillance SA. In this critical role, you will be responsible for evaluating and mitigating cybersecurity risks across our organization.Job DescriptionEvaluate overall cybersecurity risk, maintain an active view, and report on...
-
Cybersecurity Risk Management Professional
2 weeks ago
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeJob SummarySociete Generale seeks a highly skilled Cybersecurity Risk Management Professional to join our team in the United States. This role requires expertise in assessing and mitigating cybersecurity risks, developing risk management programs, and collaborating with IT organizations to establish standards and policies.About the JobThe successful...
-
Cybersecurity Risk Management Lead
2 weeks ago
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeAbout the RoleWe are seeking an experienced Cybersecurity Risk Management Lead to join our team at SGS Société Générale de Surveillance SA. In this role, you will be responsible for evaluating overall cybersecurity risk, maintaining an active view, and reporting on the actual, mitigated, and residual cybersecurity risk in the organization.Key...
-
Cybersecurity Risk Management Specialist
2 weeks ago
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeAt SGS Societe Generale de Surveillance SA, we are seeking a skilled Cybersecurity Risk Management Specialist to join our team.About the JobThis is a critical role that requires a deep understanding of cybersecurity risks and mitigation strategies. As a Cybersecurity Risk Management Specialist, you will be responsible for evaluating overall cybersecurity...
