Do you have 5+ years experience in risk management models for assessing and mitigating various aspects of risk exposure? Do you have 5 years experience in risk assessment methodologies such as HTRA and NIST CSF, and frameworks such as ISO 27001/2? If so, this would be a great opportunity for you!
Our client is looking for a Senior Security Specialist for a 4 month contract in Toronto.
This is an onsite role.
Advantages
• Earn a competitive rate within the industry.
• Location: Up to 5 days onsite (subject to change)
Responsibilities
• Take a subject matter expert role in various security risk management initiatives, providing security expertise, facilitating collaboration and performing Risk Assessments for various projects / products / applications and services within OH and external vendors using NIST CSF.
• Analyze proposed solution architectures, technology, design and IT development processes to identify potential threats and vulnerabilities, and to recommend options that enhance the security of solutions and business processes. Identify, analyze, and recommend options for risk management at appropriate levels within the enterprise and the health care sector.
• Present topic areas and relevant security materials to product and digital solution groups.
• Consult with members and teams in Ontario Health to implement recommended security policies and related controls.
• Track security control implementation and work through Risk Treatment plans.
• Coordinate internal and external information security initiatives as a subject matter expert to reach feasible security solutions for issues across the health care sector.
• Take a leading role in offensive security practices and provide guidance to the teams with methodologies, tools, and processes.
• Contribute to the ongoing development and maturing of the OH security program, consulting and assurance practices.
• Demonstrate the ability to effectively negotiate and resolve conflicts with individuals or teams in a professional and collaborative manner.
• Utilize strong communication and negotiation skills to effectively persuade individuals with differing perspectives and conflicting interests towards a mutually beneficial resolution on a regular basis.
• Implement tools and processes to manage workflow and materials related to the information security risk management.
• Stay abreast of any changes to industry best practices or legislative regulations and assess the resulting impact to the organization.
• Deep knowledge of the methodologies, frameworks, and processes in Information Security domain.
• Good experience in conducting Threat Risk Assessments using various frameworks / methodologies / standards such as NIST / HTRA / ISO.
• Risk management models for assessing and mitigating various aspects of risk exposure.
• Generate risk maps to help guide the risk owners and keep the stakeholders informed.
Qualifications
Must Haves:
• 5+ years experience conducting comprehensive security Threat and Risk Assessments (TRA) using frameworks such as NIST CSF, HTRA, and ISO 27001; risk assessment, mitigation recommendations and management with a strong focus on identifying vulnerabilities, analyzing potential impacts, and delivering actionable risk mitigation to stakeholders; risk management such as the FAIR model.
• 5+ years experience in risk management models for assessing and mitigating various aspects of risk exposure.
• 5 years experience in risk assessment methodologies such as HTRA and NIST CSF, and frameworks such as ISO 27001/2.
• 5+ years experience as an adept team player who is action oriented, with a record of accomplishment of motivating other team members to achieve higher goals.
Desired Skills:
· 5+ years’ experience in various security domains including third-party risk management, IT audits and/or Security Governance, Risk and Compliance (GRC)
· Bachelor’s or Master’s degree in Computer Science, Information Technology, Cyber Security, Systems or other related field, or equivalent work experience.
· Professional certifications in information/cyber security (e.g. CISSP, CCSP, CISA, CISM, CRISC) are required.
· Knowledge of prevalent industry standards (ISO 27001/27002, NIST, CIS, COBIT)
Required Skills:
· An understanding of risk assessment methodologies such as HTRA and CSF, and frameworks such as NIST and ISO 27001/2.
· Knowledge and experience developing and working with security architecture and IT management frameworks such as SABSA and COBIT.
· Strong understanding and ability to interpret and communicate risk management concepts.
· Good experience & knowledge of TRA methodologies and other risk assessment methodologies and tools, and familiarity with related security tests and test methodologies
· Knowledge of a wide variety of information systems and security technologies including Operating Systems security, LAN and WAN, Internet protocols and applications, secure communications, firewalls, IDS/IPS, PKI, identity management, identification and authentication techniques, role-based access control, malware defenses, etc.
· Deep understanding of typical security threats, vulnerabilities and safeguards relevant to application development, test and QA environments, and IT (datacenter) operations.
· Experience in writing and presenting subject matter information that is both comprehensive and easy to understand.
· Experience and working knowledge of risk management lifecycle, processes, and concepts.
Summary
If you are interested in the Senior Security Specialist role in Toronto, please apply online at www.randstad.ca. Qualified candidates will be contacted.
Randstad Canada is committed to fostering a workforce reflective of all peoples of Canada. As a result, we are committed to developing and implementing strategies to increase the equity, diversity and inclusion within the workplace by examining our internal policies, practices, and systems throughout the entire lifecycle of our workforce, including its recruitment, retention and advancement for all employees. In addition to our deep commitment to respecting human rights, we are dedicated to positive actions to effect change to ensure everyone has full participation in the workforce free from any barriers, systemic or otherwise, especially equity-seeking groups who are usually underrepresented in Canada's workforce, including those who identify as women or non-binary/gender non-conforming; Indigenous or Aboriginal Peoples; persons with disabilities (visible or invisible); and members of visible minorities, racialized groups and the LGBTQ2+ community.
Randstad Canada is committed to creating and maintaining an inclusive and accessible workplace for all its candidates and employees by supporting their accessibility and accommodation needs throughout the employment lifecycle. We ask that all job applicants please identify any accommodation requirements by sending an email to accessibility@randstad.ca to ensure their ability to fully participate in the interview process.