Information Security Specialist - Remote(Ottawa, Canada within 65 miles)

Information Security Specialist - Remote (Ottawa, Canada within 65 miles)

Key Skills: Cyber Security, Azure, Risk management, Information security, risk Discovery

Job Description:

Conduct, document, and report on security risk assessments for technology systems, and internal and third-party vendor solutions.

Facilitate security risk management activities, including risk assessments, advise on threats, vulnerabilities, and mitigation strategies.

Identify and oversee the implementation of security requirements in projects.

Manage relationships with Cybersecurity Unit, Privacy Office, Business

Relationship Management, and College stakeholders to identify and communicate security risks and mitigation measures.

Track and communicate information security assessment recommendations and remediation timelines.

Act as a Subject Matter Expert by developing and maturing tools & process to support security assessments and other NIST CSF functions.

Develop cyber security metrics, measurement criteria and reporting to ensure compliance and continuous improvement across multiple environments.

Assess information technology control elements to mitigate IT risks regarding the confidentiality, integrity and availability of the College's information.

Maintains detailed knowledge and awareness of the cyber security and information security trends including awareness of new or revised security solutions, improved security processes and the development of new vulnerabilities and threats.

RESPONSIBILITY AND DECISION-MAKING PROCESS

The Senior Information Security Specialist has the responsibility to assess and review:

Security assessment of new projects: Acquisition of products, changes, incidents, new developments.

Security requirements and policies in Azure environments. Cybersecurity processes and documentation and implement improvements

The College supports a collaborative decision-making process. Existing governance processes exist for strategic decisions or those that impact other departments within the College.

Qualifications:

• 4-Year degree in Information Systems Security, Information Technology, or equivalent.
• Minimum 7 years in information security, IT audit and/or IT Risk Management experience.
• Working knowledge of and experience applying common information security standards such as ISO 27001, ISO 27002, ISO 27031, NIST 800-53a, NIST CSF,
• NIST RMF and CSEC ITSG-33.
• CISSP or CRISC or other information security certifications are an asset.
• Experience participating in threat, risk and information security assessment processes.
• Experience with risk discovery and assessment, as well as appropriate mitigation and controls.
• Good knowledge of the latest trends in information security and risk management, e.g. evolving technologies, cyber risk mitigation, etc.
• Experience of auditing IT environments, either through an internal or external audit role.
• Broad knowledge of IT architecture and underpinning technologies including but not
• Limited to identity and access management, cloud hosting providers, database Administration.
• Experience designing and supporting large-scale, end-to-end information security systems in a complex, both on-premises and hosted, multi-platform environment.
• Must possess and provide evidence of Enhanced Reliability security clearance (or better).

About Us WinningEdge:

Job Search can be a painful & frustrating process. We take time to understand candidate skillsets, and job search preferences and match them with our ideal clients. Our team has a combined experience of over 100 years and we have successfully placed hundreds of candidates.

Information Security SpecialistN/A