Job Description

:

Always there. Anywhere. That\'s us! A team committed to delivering inspired solutions for a better world. We care for our communities and each other, and we are committed to showing up for those who need us. We value and encourage diversity, and we have the courage to do the right thing, even when it\'s hard.

We\'re looking for someone who cares about their work and strives for more each day. Someone who challenges the status quo, embraces change, and thrives in a collaborative work environment. If you are someone who approaches work with passion, curiosity and the courage to innovate, then this role is for you.

We are looking for a Cybersecurity Compliance Manager to join us in the exciting work we do in Cybersecurity Risk Department. It\'ll be your responsibility to oversee cybersecurity compliance within ATCO companies and ensuring compliance with ATCO Control Standards (ACSs), applicable laws and regulations, and ATCO policies, and procedures within a federated IT organization.

We require a Cybersecurity Compliance Manager with a solid understanding of the NIST Framework and the evidence required to align with the NIST Framework. The manager will be responsible for ensuring ATCO meets the security requirements detailed in the ACSs to protect ATCO from cyber security incidents.

The Cybersecurity Compliance Manager will support the Cybersecurity Risk Manager in the performance of vendor cybersecurity vendor assessments.

This position reports to the Director of Cybersecurity Governance, Risk, and Compliance in the Office of the CISO. This role is dedicated to applying management skills, consulting knowledge, and Cybersecurity training in the performance of the Cybersecurity Compliance for the ATCO Group.

The scope of this role includes Information Security across all ATCO companies and geographies, Information Technology (IT) and Operational Technology (OT) environments.

What You Get To Do:

Compliance

• Process Owner of the Cybersecurity Compliance Methodology - Develops compliance strategies by contributing information, analysis, and recommendations to senior leaders by establishing functional objectives in line with ATCO\'s IT federated model.
• Collaborates with ATCO leadership to develop corporate governance for compliance within an IT federated model.
• Develop and oversee ATCO\'s security policies and procedures in accordance with ATCO\'s ACSs (based on the NIST Framework), industry regulations, standards, and laws.
• Develop and implement the Cybersecurity compliance methodology for ATCO group.
• Define metrics to measure effectiveness of controls and compliance across ATCO Companies
• Compliance Communications - Quarterly compliance reporting to senior leaders - Annual reports for IT and business executives on the status of compliance across ATCO companies and key vendors.
• Ad hoc creation and delivery compliance presentations as required. - Trends in laws and regulations - Provide training and support in understanding of the ACS with representatives within ATCO companies.
• Provide cybersecurity risk-related guidance to employees, colleagues, and/or customers.
• Regulatory Risk and Compliance - Minimizes legal risks by understanding current and proposed legislation, enforcing regulations, recommending new procedures, and aligning with legal requirements across multiple jurisdictions.
• Regularly assess the efficiency of control systems and recommend effective improvements.
• Perform periodic audits on ATCO companies\' and vendor procedures and processes.

Internal Audit Liaison

• Act as the contact point for all IT-focused Internal Audit inquiries and initiatives
• Assist and advise on Internal Audit activities supporting ATCO\'s external Audit partners.
• Provide subject matter expertise in the area of IT controls, frameworks, and risks.
• Ensure that changes in internal and external Audit standards and applicable regulations are reflected in CISO compliance artifacts and standards.

Other Duties As Assigned

• Support Risk Manager as required.
• Support Senior Cybersecurity Analyst as required.
• Support team members in performance of cybersecurity governance activities.

Who You Are:

• Minimum Bachelor degree required, with a preference given to a focus on IT or IT-risk-related disciplines (for example, Cybersecurity, privacy, business continuity management and compliance). A business degree or engineering degree is beneficial.
• At least 5 years of direct cybersecurity compliance experience, ideally with 10 years of experience in Information/Cyber Security, Technology Management, Compliance or Technology Audit.
• A minimum of one of the certifications identified below is required -CISSP (Certified Information Systems Security Professional by ISC2), CISM (Certified Information Security Manager by ISACA), SABSA-SCF (Sherwood Applied Business Security Architecture).
• Experience working in IT Federated environments.
• Ability to work with 3rd parties to explain and demonstrate policy compliance.
• Detailed oriented with acute business insight partnered with dedication to legality.
• Proven and effective negotiation skills, time management skills, organizational skills, and ability to multitask.
• Customer service driven and attention to detail is a must.
• Flexibility to adjust and thrive in an environment with changing requirements, schedules, and priorities.
• Able to communicate clearly and concisely with a range of associates as well as senior executives.
• Dedicated and resourceful to achieve goals independently as well as work well in groups.
• Experience in leading cross-functional initiatives
• Experience supporting Auditors and translating audit requirements to specific information requests.
• Excellent communication, writing, meeting facilitation skills.

What We Offer:

• A culture based on caring, integrity, agility, collaboration, and striving for excellence
• Competitive compensation
• Flex benefits
• Tuition assistance program
• Training and mentorship programs
• Charitable donation matching

We would like to thank everyone for their application; however, only those being considered for an interview will be contacted.

Canadian Utilities is part of ATCO Ltd. ATCO delivers inspired solutions for a better world. We are a diversified global corporation with investments in the essential services of Structures & Logistics, Utilities, Energy Infrastructure, Retail Energy, Transportation and Commercial Real Estate. Learn more about how we build communities, energize industries and deliver customer-focused solutions like no other company in the world at www.atco.com.

At ATCO, we support a diverse and inclusive environment that values the contributions and perspectives of everyone on the ATCO team. We believe the ATCO team is the foundation of our business and our most valuable asset across our global operations. Without each team members\' unique skills, strengths, and knowledge, we simply wouldn\'t be able to achieve our fundamental vision of delivering life\'s essential services to our customers around the world.

ATCO is an equal opportunity employer, and we do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status.

ATCO