Information Security Leader

Martyn Bassett Inc
Location
Toronto

Description

Company

Our client has established itself as an undisputed industry leader in Cybersecurity Advisory Services, Systems Integrations, and Managed Services.

Our client's expert resources work closely with their client base to assist them in reducing risks to their critical infrastructure and sensitive data from unauthorized access and cyber threats; enabling digital transformation; protecting citizen/consumer privacy; and addressing regulatory and governance requirements.

Our client has forged numerous strategic partnerships with state-of-the-art identity security technology companies.


Mission

Our client is looking for a senior security leader. As an individual contributing InfoSec leader, you will be responsible for bringing a systematic and disciplined approach to the evaluation and improvement of the company's governance, risk management and internal controls. The hire will also own the consulting engagements to advise clients on information security, risk and compliance. About 30% of the time is focused on internal systems.

Responsibilities:

  • IT asset management audits
  • Own policy, governance and compliance
  • Develop and streamline the security policy
  • Meet contractual obligations
  • Security Clearances with Government of Canada
  • Developing risk and control matrices and reviewing procedures

There will be some client facing responsibilities:

  • Conduct assessments of IT risks, compliance and controls in support of internal and external audit and advisory engagements
  • Be able to interpret the requirements of control frameworks such as NIST, ISO, NERC, CMMC, TSA, etc.
  • Specify controls within systems
  • IT governance reviews
  • Support assessments for broader information security topics such as cyber maturity assessments, ISO audits, incident management reviews, as well as IT general controls
  • Monitoring relevant technology risk standards and practices
  • Developing risk and control matrices and reviewing procedures
  • The review and provision of advice and assistance on business process controls

Experience & Expertise

  • Bachelor's or Master's degree in accounting, business, computer science, or other relevant field required.
  • Completion of relevant certifications, such as CISA (preferred), CISSP, ISO 27001.
  • Relevant experience in assessing information technology or business process risk.
  • Strong understanding and experience with IT General Controls and security controls audits or assessments (e.g., SOC 1/2, ISO 27001, NIST) is preferred.
  • Experience in designing and testing controls in different IT environments.
  • Strong understanding of business and audit risks.
