Job Description

OPENTEXT - THE INFORMATION COMPANY

As the Information Company, our mission at OpenText is to create software solutions and deliver services that redefine the future of digital. Be part of a winning team that leads the way in Enterprise Information Management.
The Opportunity:
Working within the Global Information Security team, reporting to the Manager of Security Governance, the Lead Information Security Governance Analyst will be involved in leading and sustaining the Protected B (ISTG-33) Governance framework by working collaboratively with internal teams, SMEs, and other stakeholders. You will lead the governance program and contribute to other public sector certifications. The Lead Information Security Governance Analyst will be expected to understand a wide array of IT security controls, processes, and concepts. This will include extensive effort researching and writing security policies, understanding data protection strategies, and organizing policy documentation for the entire organization. The role will also be required to provide support of audit controls for ISO27001, SOC1, and SOC 2 on the Open Text Commercial platforms.
The role is primarily responsible for Policy & Documentation Mgmt associated to Protected B (ISTG-33). The role works with a team of analysts, who have diverse program responsibilities including but not limited to; Security Awareness Training, Security Communications, Budget Planning, Mergers & Acquisitions, and presentations to senior leadership.
The Governance Analyst will be responsible:

• 
  Ensure that all security policies and documentation under the stewardship of the Governance team are reviewed and updated no less than on an annual basis,
• Help to facilitate monthly reviews of our security policies in support of our ISO27001 ISMS program.
• Assist in facilitating the quarterly governance policy meetings communicating policy changes and governance initiatives to stakeholders.
• Synchronizing complex policy clauses with other Information Security requirements regarding audit/compliance and risk management.
• The review and assessment of new governance frameworks
• Identifying opportunities for continuous improvement across Global Information Security
• Assist with the creation presentations for senior leadership, and Board of Directors.
• Knowledge of merger and acquisitions

This is a hands-on role, working and evaluating changes to our security policy documentation. This role will focus on continuous improvement of the governance program and associated activities. You will provide input and will directly interface with multiple groups across Open Text.
You are great at:
Including but not limited to:

• Detailed knowledge of governance, compliance, and risk models
• Knowledge of security frameworks, domains, and associated security concepts
• Writing policies in support of security and business needs a requirements
• Understanding concepts in support of audit controls for Protected B(ISTG-33), ISO27001/ISO27017/ISO 27018, SOC1/SOC2, PCI-DSS, FedRAMP, and HIPAA
• Process creation
• Continuous Process improvement
• Creating presentations
• Keeping up with emerging security trends and applying that knowledge

What it takes:

• 
  Bachelor\xe2\x80\x99s Degree in Information Systems, Business Administration, or similar degree, or equivalent experience preferred.
• 5+ years in security risk, compliance, and governance
• Strong written and verbal communication skills
• Working across multiple teams and stakeholders to create policy and process
• Experience developing process
• Collection of audit deliverables
• Experience writing Process, Policy and Procedures documentation
• Working across GIS teams to create a project portfolio
• Experience creating presentations
• Knowledge of merger and acquisition processes and ability to analyze security risk for M&A activities
• Strong inter-personal skills are required to work across multiple internal teams
• Familiar with commonly used information security frameworks, best practices, and standard procedures
• Capable of working independently under pressure in a continually changing environment
• Is resourceful in knowing how to research requirements and find information for documentation purposes
• Strong knowledge of Open Text Commercial products and solutions is helpful
• Audit framework knowledge for Protected B(ISTG-33), ISO27001/27017/27018, SOC1 & SOC2, PCI-DSS, HIPAA, FedRAMP desired
• Ability to work with peers and leadership teams
• Ability to participate in key proactive security programs.
• CGEIT, CISA, CISM, CISSP, ITIL or other IT certifications preferred

OpenText\'s efforts to build an inclusive work environment go beyond simply complying with applicable laws. Our Employment Equity and Diversity Policy provides direction on maintaining a working environment that is inclusive of everyone, regardless of culture, national origin, race, color, gender, gender identification, sexual orientation, family status, age, veteran status, disability, religion, or other basis protected by applicable laws. Should you require accommodations during the selection process, please contact accommodationrequests@opentext.com.