Title: Cybersecurity and Personal Information protection specialist
Location: Canada
Duration: TBD
Job Summary
Under the responsibility of the Director of Information Security, you will help ensure the compliance of our activities and solutions, particularly with regard to the protection of personal information. Depending on the needs, his expertise and his interest, the information security advisor will be called upon to intervene in several aspects of the information security and personal information protection program, ranging from the definition of standards and policies to the development of processes, including the choice of measures to put in place, the deployment of these measures and the measurement of their effectiveness. He must also coordinate all activities relating to the protection of personal information within the data protection committee. He will work closely with the various departments concerned. Finally, he will work in close collaboration with the contract management, security and legal teams in order to meet customer requirements in terms of product compliance, solutions, but also information security program in accordance with requirements, regulations, standards. , laws….
Your Role
We are looking for versatile people with strong aptitudes for some or more of the following activities:
- Maintain and develop a reference framework for the protection of data, including personal information, including underlying security policies, procedures, standards and guidelines.
- Advise and support the security director in the implementation of the personal information protection program
- Accompany an organization in compliance with various normative and regulatory frameworks specific to the field of personal information protection but also with the requirements of our customers, regulations, policies and laws applicable to our customers' environments.
- Act as a security advisor on data protection in the context of projects and write the relevant documentation.
- Participate in data governance and recommend appropriate protection measures.
- Assist in process implementation.
- Measure the effectiveness of control measures objectively and meaningfully.
- Perform administrative and technical audits
Technical Skills
- Good knowledge of trends and new developments in the field of security.
- Knowledge of the various applicable normative and regulatory frameworks (GDPR, law on the protection of personal information, etc.).
- Excellent knowledge of the standards of the ISO 27000 family, the NIST repository, DFARS
- Practical experience in implementing an information security program
Language requirement: Bilingual (French and English);
Education: Bachelor's degree in computer science or a related discipline