Security Analyst Customer & Audit Compliance

Mississauga, ON, CA, L5N 0E1

Description

 

Working in Purolator’s Security and Compliance team, the Customer and Audit Compliance Analyst is accountable to operate and help mature our cybersecurity – vendor risk management (CS-VRM) program as well as be responsible for ensuring compliance to security guidelines and auditing requirements. You will work with a wide array of vendors and internal teams to manage vendor cybersecurity risk. You will have a great opportunity to shape and build our emerging CS-VRM program.

 

The work we do at Purolator impacts every Canadian. To work with us, you must be eligible to obtain a Reliability Security Clearance.

Responsibilities

 

  • Understand and assess inherent and residual risk associated with vendors providing services to Purolator.
  • Understand and bring security awareness to the product teams on applicable standards/policies.
  • Manage CS-VRM service provider(s) performance.
  • Assist Procurement and project teams with vendor contract negotiation.
  • Identify and implement improvements to mature the CS-VRM program.
  • Make recommendations to enhance the CS-VRM governance model (e.g. policies, processes, KPIs) as well as existing tolls and solutions to keep up with industry standards.
  • Report to management on CS-VRM risk levels.
  • Work cooperatively with all stakeholders, internal and external.

Additional Responsibilities

 

  • Experience with cyber security, controls testing, and presenting.
  • Familiarity with service organization audit standards (e.g., SOC 2, PCI) and reports.
  • Auditing or compliance experience with cloud services would be an asset.
  • Ability to understand and interpret penetration test reports.

Education

 

  • Undergraduate degree in computer science, business or equivalent.
  • CISSP, CISA certifications and accreditations are all recommended.

Experience

 

  • 1 to 3 years in an information security role.
  • 1 to 3 years managing or interacting with vendors (service providers).
  • Exceptional interpersonal skills and proven to flourish working in a fast-paced environment.
  • Ability to work effectively in a cross-disciplinary team, across multiple projects and multiple locations.
  • Sharp analytic and problem-solving capabilities that go beyond strict technical expertise.
  • Broad IT knowledge and strong level of familiarity with information security industry best practices.
  • Previous CS-VRM experience preferred.
Apply now Apply later
  • Share this job via
  • or

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Tags: Audits CISA CISSP Clearance Cloud Compliance Computer Science Governance KPIs Risk management Security Clearance SOC SOC 2

Region: North America
Country: Canada
Job stats:  18  7  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.