IT Internal Audit Assistant Manager leading independent reviews of IT projects and programs. Enhancing IT security and governance risk/control environment across North America with global team support.
Responsibilities
Lead independent reviews of IT projects and programs and be responsible for supporting planning and execution of risk-based, process focused IT audit and advisory assignments.
Improve the overall IT security and governance risk/control environment for key IT projects/programs developed.
Operate primarily across North America with support to UK and European operations.
Provide real-time guidance on cybersecurity, AI implementation, secure development practices, cloud infrastructure, and data governance.
Identify gaps in Software Development Lifecycle practices across critical projects and collaborate with stakeholders to craft recommendations that align with both internal standards and industry best practices.
Prepare concise, executive-ready memorandums that distill complex technical risks into clear business language.
Requirements
Post Secondary education in Information Systems, Computer Science, Software Engineering, or a related field - is required.
A minimum of 3 years in IT auditing - is required.
Recognized professional audit or security related designation (CIA, CISA, AAIA, CCSK, CCSP, CISSP, CISM, etc.).
Working experience in reviewing software engineering controls related to project governance, data governance, IT and Data Security, testing and change/release management areas.
Knowledge of best practices and strong security controls over cloud environments (AWS, Azure, GCP, etc.) or Artificial Intelligence (AI)/Machine Learning (ML) technologies and their security implication.
Proficient in reviewing security vulnerabilities identified from different platforms such as middleware/container/automated pipelines with experience to independent assess the end-risk and root cause for each of the vulnerabilities.
Knowledge of cyber security risks, assessments, reports and frameworks such as those published by leading organizations (e.g. NIST, ISO 27001, SOC 2 Type II, etc.) is an asset.
Strong analytical skills that lead to accurate conclusions.
Strong project management skills and solutions driven.
Excellent written and communication skills.
Experience using data analytics tools is an asset.
Prior Big 4 firm and insurance industry experience is an asset.
For candidates located in Quebec, bilingualism is required considering the necessity to interact on a regular basis with English-speaking colleagues across the country.
Benefits
Flexible work arrangements and a hybrid work model
Possibility to purchase up to 5 extra days off per year
Multiple benefits offered to support physical and mental wellbeing, including telemedicine, Wellness account and much more
Share plan & other savings: up to 12% of salary or even more (ask how you could earn guaranteed income for life)
Hiring a Threat Modeler / Security Architect with development background for hybrid full - time role in Canada, focusing on application security, threat modeling, and DevSecOps.
Network and Perimeter Security IT Specialist I at Enbridge overseeing enterprise security architecture and leading large - scale security initiatives. Collaborating across teams to ensure secure solutions and compliance.
Network & Perimeter Security Specialist II - Firewall at Enbridge enhancing security architectures. Providing technical leadership and driving enterprise standards for firewall and network security.
Lead critical cybersecurity transformation programmes at Hewlett Packard Enterprise, ensuring alignment with enterprise priorities and delivering complex initiatives. Collaborate with IT, cybersecurity, and business leaders.
Staff Engineer responsible for designing scalable security solutions and collaborating with engineering at Twilio. Empowering security partnerships across products and platforms while mitigating risks.
Head of Infrastructure & Security responsible for cloud infrastructure on GCP and security programs. Leading SaaS development and technical teams at Rebus and Longbow Advantage.
Information Security Lead responsible for managing security programs at Dentons Canada. Overseeing security architecture, operations, incident response, and data protection initiatives.
Cybersecurity expert overseeing information defense, threat detection, and incident response at Investissement Québec. Leading security operations and leveraging AI for effective asset protection.
Lead cybersecurity initiatives and develop strategy for public broadcaster CBC/Radio - Canada. Shape technology road map, collaborate on enterprise architecture, and ensure policy compliance.