détails d'emploi
Do you have 7+ years’ experience in information security, including working with large security projects? Do you have proven experience in contractual security requirements and third-party risk management through RFP processes and vendor evaluations throughout procurement life cycle? If so, this would be a great opportunity for you!
...
Our client is looking for a Senior Security Specialist for a 6 month contract in Toronto.
This is a hybrid role 2 days per week onsite.
Advantages
· Hybrid role: 2 Days onsite / 3 days remote
· Earn a competitive rate within the industry
Responsibilities
• Lead security and vendor risk assessments, identifying risks and gaps, and developing mitigation strategies for third-party vendors.
• Conduct detailed assessments of third-party vendors’ security domains, communicate findings, prepare regular reports and updates to management and stakeholders.
• Develop and implement cybersecurity governance frameworks, policies, and procedures in collaboration with cross-functional teams.
• Provide support for audit, compliance, and regulatory requests. Precise and thorough documentation and analysis are essential for effective security auditing and compliance efforts.
• Collaborate with internal teams and vendors to develop cybersecurity requirements for new solutions, ensuring alignment with security policies and standards.
• Work with other team members to develop and align with cybersecurity requirements for solutions as required
• Work with project teams to recommend and implement security controls to address identified risks.
• Work with Enterprise Architecture, Solution Delivery, Security and Operations teams as part of a large program/project team to ensure security solutions and meet security compliance and security policies and standards
• Identify requirements for policies and standards, and work with relevant teams in creation, development, review and approval
• Act as a cybersecurity resource for new and upcoming project-based detail work
• Work with project teams to identify and recommend security controls to remediate security risks and issues
• Ongoing compliance work related to regulatory requirements and/or compliance to Metrolinx standards
• Develop the security process, procedure, governance artifacts and security controls within the Cybersecurity Risk Management and Governance/Compliance Programs.
• Assist with security audits and threat/risk assessments to ensure compliance with security policies, standards and procedures, and work with business/technical/operational areas in taking corrective actions on any identified security exposures
• Provide advice, risk assessment, recommendations and technical assistance in implementing security controls for projects
• Communicate regularly with cybersecurity teams, internal stakeholders, project teams and representatives from various functional teams, including escalating any matters to senior team members that require additional analysis
• Support the implementation of security principles, policies, and standards to align with industry best practices, ensuring security controls are integrated into system development, deployment, and operation
Qualifications
Must Haves:
· 7+ years’ experience in information security, including working with large security projects
· Proven experience in contractual security requirements and third-party risk management through RFP processes and vendor evaluations throughout procurement life cycle
· Proficient in cybersecurity risk management and third-party risk management tools (e.g., ServiceNow, OneTrust, Audit Board)
· Strong knowledge of industry standards and regulations such as PCI-DSS, NIST, ISO 27001 and the ability to ensure compliance
Experience/skills required:
• A minimum of seven (7+) years of experience in information security. Including working with large security projects
• Strong communication, interpersonal and presentation skills for engaging with diverse stakeholders
• Expertise in security governance, risk management, and compliance, including developing road maps, policies, standards, procedures and processes
• Proven experience in contractual security requirements and third-party risk management through RFP processes and vendor evaluations throughout procurement life cycle
• Ability to work in cross-functional teams, communicating complex technical information to all levels of the organization, including the leadership team
• Proficient in cybersecurity risk management and third-party risk management tools (e.g., ServiceNow, OneTrust, Audit Board).
• Experience with development of security processes, procedures and standards documentation
• Strong knowledge of industry standards and regulations such as PCI-DSS, NIST, ISO 27001 and the ability to ensure compliance
• Strong time management skills and the ability to prioritize project work and ongoing responsibilities
• Self-motivated with the ability to work independently in a fast-paced environment in a fast-paced environment
• Proficiency with standard Microsoft Office tools such as Word, Excel, PowerPoint, PowerBI and Visio
Summary
If you are interested in the Senior Security Specialist in Toronto, please apply online at www.randstad.ca. Qualified candidates will be contacted.
Randstad Canada is committed to fostering a workforce reflective of all peoples of Canada. As a result, we are committed to developing and implementing strategies to increase the equity, diversity and inclusion within the workplace by examining our internal policies, practices, and systems throughout the entire lifecycle of our workforce, including its recruitment, retention and advancement for all employees. In addition to our deep commitment to respecting human rights, we are dedicated to positive actions to affect change to ensure everyone has full participation in the workforce free from any barriers, systemic or otherwise, especially equity-seeking groups who are usually underrepresented in Canada's workforce, including those who identify as women or non-binary/gender non-conforming; Indigenous or Aboriginal Peoples; persons with disabilities (visible or invisible) and; members of visible minorities, racialized groups and the LGBTQ2+ community.
Randstad Canada is committed to creating and maintaining an inclusive and accessible workplace for all its candidates and employees by supporting their accessibility and accommodation needs throughout the employment lifecycle. We ask that all job applications please identify any accommodation requirements by sending an email to accessibility@randstad.ca to ensure their ability to fully participate in the interview process.
voir plus
Do you have 7+ years’ experience in information security, including working with large security projects? Do you have proven experience in contractual security requirements and third-party risk management through RFP processes and vendor evaluations throughout procurement life cycle? If so, this would be a great opportunity for you!
Our client is looking for a Senior Security Specialist for a 6 month contract in Toronto.
This is a hybrid role 2 days per week onsite.
Advantages
· Hybrid role: 2 Days onsite / 3 days remote
· Earn a competitive rate within the industry
Responsibilities
• Lead security and vendor risk assessments, identifying risks and gaps, and developing mitigation strategies for third-party vendors.
• Conduct detailed assessments of third-party vendors’ security domains, communicate findings, prepare regular reports and updates to management and stakeholders.
• Develop and implement cybersecurity governance frameworks, policies, and procedures in collaboration with cross-functional teams.
• Provide support for audit, compliance, and regulatory requests. Precise and thorough documentation and analysis are essential for effective security auditing and compliance efforts.
...
• Collaborate with internal teams and vendors to develop cybersecurity requirements for new solutions, ensuring alignment with security policies and standards.
• Work with other team members to develop and align with cybersecurity requirements for solutions as required
• Work with project teams to recommend and implement security controls to address identified risks.
• Work with Enterprise Architecture, Solution Delivery, Security and Operations teams as part of a large program/project team to ensure security solutions and meet security compliance and security policies and standards
• Identify requirements for policies and standards, and work with relevant teams in creation, development, review and approval
• Act as a cybersecurity resource for new and upcoming project-based detail work
• Work with project teams to identify and recommend security controls to remediate security risks and issues
• Ongoing compliance work related to regulatory requirements and/or compliance to Metrolinx standards
• Develop the security process, procedure, governance artifacts and security controls within the Cybersecurity Risk Management and Governance/Compliance Programs.
• Assist with security audits and threat/risk assessments to ensure compliance with security policies, standards and procedures, and work with business/technical/operational areas in taking corrective actions on any identified security exposures
• Provide advice, risk assessment, recommendations and technical assistance in implementing security controls for projects
• Communicate regularly with cybersecurity teams, internal stakeholders, project teams and representatives from various functional teams, including escalating any matters to senior team members that require additional analysis
• Support the implementation of security principles, policies, and standards to align with industry best practices, ensuring security controls are integrated into system development, deployment, and operation
Qualifications
Must Haves:
· 7+ years’ experience in information security, including working with large security projects
· Proven experience in contractual security requirements and third-party risk management through RFP processes and vendor evaluations throughout procurement life cycle
· Proficient in cybersecurity risk management and third-party risk management tools (e.g., ServiceNow, OneTrust, Audit Board)
· Strong knowledge of industry standards and regulations such as PCI-DSS, NIST, ISO 27001 and the ability to ensure compliance
Experience/skills required:
• A minimum of seven (7+) years of experience in information security. Including working with large security projects
• Strong communication, interpersonal and presentation skills for engaging with diverse stakeholders
• Expertise in security governance, risk management, and compliance, including developing road maps, policies, standards, procedures and processes
• Proven experience in contractual security requirements and third-party risk management through RFP processes and vendor evaluations throughout procurement life cycle
• Ability to work in cross-functional teams, communicating complex technical information to all levels of the organization, including the leadership team
• Proficient in cybersecurity risk management and third-party risk management tools (e.g., ServiceNow, OneTrust, Audit Board).
• Experience with development of security processes, procedures and standards documentation
• Strong knowledge of industry standards and regulations such as PCI-DSS, NIST, ISO 27001 and the ability to ensure compliance
• Strong time management skills and the ability to prioritize project work and ongoing responsibilities
• Self-motivated with the ability to work independently in a fast-paced environment in a fast-paced environment
• Proficiency with standard Microsoft Office tools such as Word, Excel, PowerPoint, PowerBI and Visio
Summary
If you are interested in the Senior Security Specialist in Toronto, please apply online at www.randstad.ca. Qualified candidates will be contacted.
Randstad Canada is committed to fostering a workforce reflective of all peoples of Canada. As a result, we are committed to developing and implementing strategies to increase the equity, diversity and inclusion within the workplace by examining our internal policies, practices, and systems throughout the entire lifecycle of our workforce, including its recruitment, retention and advancement for all employees. In addition to our deep commitment to respecting human rights, we are dedicated to positive actions to affect change to ensure everyone has full participation in the workforce free from any barriers, systemic or otherwise, especially equity-seeking groups who are usually underrepresented in Canada's workforce, including those who identify as women or non-binary/gender non-conforming; Indigenous or Aboriginal Peoples; persons with disabilities (visible or invisible) and; members of visible minorities, racialized groups and the LGBTQ2+ community.
Randstad Canada is committed to creating and maintaining an inclusive and accessible workplace for all its candidates and employees by supporting their accessibility and accommodation needs throughout the employment lifecycle. We ask that all job applications please identify any accommodation requirements by sending an email to accessibility@randstad.ca to ensure their ability to fully participate in the interview process.
voir pluspartager l'offre d'emploi
