TIS GRC Analyst
Calgary
Posting End Date:
April 23, 2024Employee Type:
Regular-Full timeUnion/Non:
This is a non-union positionWith an in-depth knowledge of technology governance, risk and compliance, this position will support the Supervisor of TIS GRC.
The primary focus of this role includes liaison and coordination of TIS risk and assurance engagements, monitoring status of risk remediation plans to ensure timely closure with appropriate quality of remediation in alignment to departmental policies/standards, may include reporting of risk management performance activities to various levels of management in TIS, and support other risk assurance activities within GRC as needed.
What you will do:
Risk Management:
The primary focus will be to ensure the Enterprise Risk Management process is followed when identifying, risk ranking and tracking to closure for all technology and cyber related risks. Escalating to SMEs in respective areas for action and mitigation, when required
Work towards ensuring the BU technology and security posture is continuously improving and trending in the right direction.
Presenting GRC metrics to Cybersecurity and Business Unit Leadership to ensure they are aware of their risks and obligations.
Governance:
Responsible for the collection and reporting of risk metrics, providing support to internal assurance activities as and when required.
Provide control gap analysis with recommendations for improvement.
Acting as a GRC participant in the development and review of cybersecurity policies and standards as and when required.
Compliance:
Support the Supervisor of Governance Risk and Compliance and on key compliance areas CISO engagement in the areas of risk management (all technology related risks including cybersecurity) in general including Internal Audit, SOX and Standard/Policy Compliance as required.
Be a contributor for establishing common approaches for monitoring of compliance efforts, remediation of control gaps and continuous improvement for processes.
Relationship Management
Engage with TIS control/system/risk owners and subject matter experts to drive value and compliance within Enbridge and operate as point of contact for the respective BU level risk management activities.
What you will do:
Required:
University degree in Computer Sciences, Engineering, Audit, Business, or related disciplines
A minimum of 2+ years of progressive hands-on experience in the field of information security, IT governance, compliance, cyber security, audit, or risk management
Working knowledge of cyber security and risk management best practice
Ability to manage concurrent initiatives and conflicting priorities.
Highly disciplined and professional regarding handling confidential information.
Demonstrated understanding of various compliance and quality assurance roles.
Ability to effectively interact with personnel involved in policy, technical, operational, and program management work.
Excellent communication skills including technical and business writing, documentation and presentation skills.
Preferred:
Working knowledge of cyber security standards, frameworks and regulations including but not limited to NIST, ISO 27001 and 27002, NERC and SOX is desired.
Possession or working towards achieving the following professional qualifications: CISSP, CRISC, CISA or related cyber certifications.
Flex-Work
Enbridge provides competitive workplace programs that differentiate us and offer flexibility to our team members. Enbridge’s Flex-Work (Hybrid Work Model) offers eligible employees the opportunity to work variable daily schedules with a flexible start and end time, to opt for a compressed workweek schedule, and the option to work from home on Wednesdays and Fridays. Role requirements determine your eligibility for each option or combination of options. #LI-Hybrid
Diversity and inclusion are important to us. Enbridge is an Equal Opportunity and Affirmative Action Employer. We are committed to providing employment opportunities to all qualified individuals, without regard to age, race, color, national or ethnic origin, religion, sex, sexual orientation, gender identity or expression, marital status, family status, veteran status, Indigenous/Native American status, or disability. Applicants with disabilities can request accessible formats, communication supports, or other accessibility assistance by contacting careers@enbridge.com.
Information For Applicants:
- Applications can be submitted via our online recruiting system only.
- We appreciate your interest in working with us; however, only those applicants selected for interviews will be contacted.
- Final candidates for this position may be required to undergo a security screening, including a criminal records check.
To learn more about us, visit www.enbridge.com
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: CISA CISO CISSP Compliance CRISC Governance ISO 27001 Monitoring NIST Risk management SOX
Perks/benefits: Career development Flex hours
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Security Analyst jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Product Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open Cybersecurity Consultant jobs
- Open IT Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Security Specialist jobs
- Open Security Researcher jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open IT Security Engineer jobs
- Open Sr. Security Engineer jobs
- Open Windows-related jobs
- Open CISM-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open DevOps-related jobs
- Open Forensics-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs