IT Compliance Specialist II
Canada
Applications have closed
Achievers
Achievers' award-winning employee recognition software creates a culture that accelerates engagement and performance for UK businesses.
What you'll do:
- Participate in internal and/or external audits and security assessments (e.g. ISO 27001, CSA STAR, PCI, SOC 2, etc.).
- Conduct periodic IT Compliance reviews to ensure appropriate design and operating effectiveness of primary controls. Identify gaps in controls and propose remediation plans.
- Assist in the day-to-day compliance and audit operational activities.
- Work with control owners to ensure timely review and updates to documentation, controls, and the completion of remediation items.
- Attend periodic status meetings with internal/external audit teams.
- Perform third-party vendor risk assessments by reviewing vendors' security posture and architecture and drafting security assessment reports that outline the risks identified.
- Provide technical knowledge and analysis of information assurance, including, but not limited to: application controls; operating systems; physical security; identity and access management; risk assessment; privacy, infrastructure continuity and contingency planning; security awareness and training, etc.
- Initiate, facilitate, and promote activities to foster information security awareness within the organization.
- Excellent communication and presentation skills with the ability to deliver complex concepts to both technical and non-technical audiences.
- Lead the ongoing and annual security awareness training program, reviewing the content and coordinating assignments and follow-ups with end users to ensure training is completed on time.
- Relationship-building skills, especially in areas where diplomacy is needed to help ensure that new policies and procedures gain the support they need to be adopted by the organization.
- Proactively offer internal security consulting on policy, controls, standards and best practices to business functions and end users.
- Day-to-day assistance with InfoSec departmental operational activities.
- Work independently with minimal oversight from management.
What you'll bring:
- 3-5 years of proven information security, vendor governance, IT compliance, audit, and risk management related experience.
- Strong experience with IT compliance frameworks, requirements and regulatory standards such as, but not limited to: ISO 27001, HIPAA, PCI, CSA STAR, SOC 2, GDPR, NIST, etc.
- Knowledge of corporate security policies, procedures and information security best practices.
- Bachelor’s degree in Computer Science, Engineering.
- Professional certifications are an asset: CISSP, CISA, CISM, or CRISC.
- Experience with security and compliance as it relates to a SaaS offering.
- Knowledge of European security and privacy practices.
- Extremely well organized, detail-oriented and attentive to deadlines.
Tags: Audits CISA CISM CISSP Compliance Computer Science CRISC GDPR Governance HIPAA IAM ISO 27001 NIST Privacy Risk assessment Risk management SaaS Security assessment Security Assessment Report SOC SOC 2
Perks/benefits: Career development Team events