Senior offensive security advisor at Desjardins leading security initiatives and projects. Advising partners on strategic security and developing offensive methodologies to enhance cyber resilience.
EC
Information Security Governance Advisor
Posted yesterday
About the role
- Advisor in information security governance at Exposant 3, defining frameworks compliant with international standards and ensuring organizational security compliance. Collaborating on awareness and training efforts within a human-centered, innovative team.
Responsibilities
- Responsible for defining and implementing information security governance frameworks in accordance with international standards.
- Responsibilities include assessing risks related to the protection of sensitive information and developing appropriate mitigation strategies.
- Contribute to establishing an organizational security culture, including raising awareness and training staff on security best practices.
- Support organizational projects to ensure their compliance with recognized information security standards and practices.
- Prepare information security normative documents in compliance with recognized international standards and the organization’s contextual needs.
- Maintain a strong knowledge of major international information security standards, frameworks and references such as ISO 27000, COBIT, NIST SP 800, ITSG-33, PCI DSS, OWASP, MITRE ATT&CK, etc.
- Conduct compliance assessments of various services against recognized information security standards, guidelines and best practices.
- Lead activities for categorizing the client’s information assets.
- Inventory and assess the sensitivity of information across the organization’s information assets.
- Develop and define requirements related to information labeling/classification.
- Provide governance support to projects.
Requirements
- Degree: Hold a Bachelor’s degree recognized by the Ministry of Higher Education in Information Security, Risk Management, or a related discipline.
- Certifications: Hold at least one of the following certifications: CISSP, CISA, CISM, CEH, CRISC, ISO/IEC 27001 Lead Implementer, ISO/IEC 27001 Lead Auditor, OSCP, CCSK, ISO 27005 Senior Lead Risk Manager, ISO 27032 Senior Lead Cybersecurity Manager.
- Experience required: Minimum 5 years’ experience implementing governance frameworks and managing information security risks.
- Demonstrated experience delivering training related to the implementation of information security frameworks in complex environments.
- Participation in at least two large-scale engagements involving more than 500 users in the development of security policies and directives.
- Demonstrated IT experience in a regulated or public sector environment, including application of internationally recognized security best practices (ISO 27001, NIST).
- Experience deploying risk management software or security governance tools.
- Contribution to at least two system development projects in cloud or hybrid environments as the information security governance lead.
Benefits
- A dynamic, supportive team culture based on trust and collaboration
- Flexible remote work environment
- Opportunity to contribute to large-scale technology projects
- Genuine opportunities for initiative, innovation and professional development
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Report this job
Found something wrong with the page? Please let us know by submitting a report below.
Senior Product Manager overseeing ecobee’s Smart Security business and leading cross - functional teams. Responsible for product initiatives focused on customer experience and service growth.
Senior Consultant managing client security testing engagements as part of TELUS Cyber Security team. Proficient in penetration testing and security challenges with a focus on collaboration and communication.
Information Security Specialist at TD responsible for risk compliance and issue remediation within technology. Leading assessments and providing oversight on regulatory findings to enhance governance practices.
Security & Compliance Partner shaping security at PurposeMed's virtual healthcare platform. Collaborating across teams to ensure effective security measures and compliance as the company scales in Canada and the US.
EC
Operational Information Security Specialist at Exposant 3 overseeing information security activities and implementing security controls. Collaborating on major projects within a human - centered and innovative firm.
Lead security strategy and ICS - guided emergency response programs at AltaGas. Shape a unified, risk - based framework to strengthen operational resilience and advance zero - harm commitment.
Cyber Threat Intelligence Specialist leveraging AI and machine learning for threat analysis at Intact Financial. Focused on creating predictive intelligence models to enhance security operations.
Security Advisor Specialist for the IAM team at Intact, developing SailPoint IIQ solutions and enhancing identity governance processes. Responsible for driving compliance and teaching best practices
Project Manager II focused on integrating new customers into TELUS' Internet and Security operations. Collaborating across teams to drive successful transition and enhance customer experiences.