Managing Consultant in Cybersecurity and NERC Compliance at Guidehouse. Leading client management and project workstreams within the electric utility sector in Canada.
About the role
- Security Advisor Specialist responsible for identifying and mitigating information security risks. Providing guidance on security practices and collaborating with development teams to ensure compliance.
Responsibilities
- Identify security events that need to be monitored.
- Advise and support our team in all stages of development.
- Ensure key risk metrics/indicators are developed and implemented to systematically measure and report information-related risks.
- Identify and classify the risks then propose risk mitigation or remediation.
- Analyze the risks associated with the various options available and propose a security solution to the operational issue that offers a fair balance between potential losses and the cost of the solution.
- Identify gaps in IT compliance control and supervise the documentation, implementation and tests for the entire IT compliance control portfolio.
- Monitor the latest industry trends and, where appropriate, proactively propose the introduction of new security practises and technologies when they become profitable.
- Perform or coordinate application security tests for project teams.
- Interpret the results of application security tests (code scanning, application intrusions, etc.).
- Inform and educate development teams with regard to the application security development standards, methods and tools.
Requirements
- University degree in information security or any combination of equivalent education and experience
- Minimum 8 years of relevant experience in information technology, more specifically in information technology security
- Security certification would be an asset
- Strong knowledge of application security principles and practices
- Strong and practical knowledge of Cloud environment in terms of Security risk and tools available in AWS or other cloud environment
- Experience in a DevSecOps - CI/CD environment
- Good understanding of common security gaps in data and cloud applications and of operating techniques from sources such as SANS, OWASP Top 10 and Cloud Security Alliance (CSA)
- Good understanding of common security gaps in data/AI applications
- Team player / good collaboration skills set
- Strong ethical principles and understanding of business and information security ethics
- For candidates located in Quebec, bilingualism is required considering the necessity to interact on a regular basis with English-speaking colleagues across the country.
- No Canadian work experience required however must be eligible to work in Canada.
Benefits
- Flexible work arrangements and a hybrid work model
- Possibility to purchase up to 5 extra days off per year
- Multiple benefits offered to support physical and mental wellbeing, including telemedicine, Wellness account and much more
- Share plan & other savings: up to 12% of salary or even more (ask how you could earn guaranteed income for life)
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Report this job
Found something wrong with the page? Please let us know by submitting a report below.
Senior Analyst performing SOC 1 and SOC 2 examinations at Kraken. Leading compliance initiatives and enhancing IT controls in a remote environment.
Security Guard responsible for protecting people and property in Amherst, Nova Scotia. Conducting patrols and monitoring security systems to ensure safety.
Security Lead responsible for driving security function and strategy at Newton, a crypto trading platform. Ensuring CIRO and SOC 2 alignment while embedding security practices across all systems and applications.
Senior Cybersecurity Engineer at Vervent focused on security solution design and incident response. Join a growing team to implement and strengthen enterprise security operations.
IA
Conseiller juridique stratégique au sein des Services juridiques pour la protection des renseignements personnels au Canada. Fournissant des conseils stratégiques en matière de cybersécurité et réglementaire.
Manager, Information Security at Manulife will assess vendor IT risks and security controls. Conducting audits, guiding businesses in IT risk management under a hybrid working model.
Key role in operational security management of IT infrastructures at Xideral. Involves risk management, security architecture, and coordination with various stakeholders.
Responsable de la sécurité industrielle chez L3Harris Technologies, soutenant la sécurité des installations et la protection de la propriété intellectuelle. Interagir avec des clients internes et externes pour les tâches de sécurité tout en exécutant les fonctions de sécurité.
Industrial Security Lead managing facility security functions at L3Harris Technologies to support compliance with security policies. Engaging with internal and external security officials and overseeing security operations.