Job Description

Location: Toronto, ON, CA Scarborough, ON, CA Quebec City, Quebec, CA Mississauga, ON, CA Edmonton, AB, CA Vancouver, British Columbia, CA Burnaby, British Columbia, CA Quebec, Quebec, CA

Req ID: 28800

Jobs by Category: Security & Automation

Job Function: Cybersecurity

Status: Full Time

Schedule: Regular

Description

Join our team
We live in a fast-paced cyber-world where protecting our information has become paramount. At TELUS Security, we strive to always be steps ahead, tackling the toughest security challenges head-on with top talent and cutting edge technology. As part of the 3rd party risk assessment team, you will join passionate security professionals who are focused on creating a best in class supplier risk management program.
Here’s the impact you’ll make and what we’ll accomplish together:
As a Senior Security Consultant, you will focus on 3rd party Risk Assessment by interviewing key leaders and stakeholders and by reviewing and analyzing data from multiple internal and external stakeholders. You will document and communicate the result of your Risk Assessment and make recommendations to Business Units leaders.
Here’s how:

• Understand the Risk Framework and create risk indicators that show variances to policy and standards adoption or adherence
• Support and ensure adherence to cybersecurity, digital and information risk management standards
• As a well-rounded IT professional you will use your acquired practical skill and experience from other IT fields and perform cybersecurity risk Assessment that might introduce risk to TELUS
• Follows up with applicable Risk Owners to ensure vulnerability findings are mitigated
• Create, disseminate, and update Risk Assessment documentations
• Collaborate with other Security Consultants and Subject Matter Experts across TELUS to maintain relevant processes and procedures
• Provide ongoing updates on activities for program dashboards and Executive weekly summary
• Capable to have multiple Risk Assessment running concurrently, manage time effectively, and require minimal supervision in the execution of assigned tasks

Qualifications

You’re the missing piece of the puzzle:

• 5+ years’ experience in Cybersecurity Risk management/ IT Risk/ Information Security Risk management
• Security, governance, audit and risk related certifications - CISA, CRISC, CISSP, CISM
• Deep understanding of Cyber Security Frameworks and industry standards such as ISO 27001/2, NIST, COBIT, PCI-DSS, etc
• Ability to explain security controls and the impact of non-compliance to all stakeholders in an easy to understand way
• Proactive professional with great interpersonal, leadership, organizational and planning skills
• Strong problem-solving skill, highly self-motivated, self-directed, and attentive to detail
• Strong negotiation skills to negotiate resources, changes, issues, budgets, and timelines