We are hiring an Information Security Specialist to join our team in Toronto or Winnipeg. In this role, you will be a key player in protecting the organization’s critical information assets and ensuring compliance with industry standards and regulations.
You will provide guidance to business leaders in managing cyber risks during business acquisitions and integrations and support the alignment to an enterprise security governance structure. You will foster relationships with business and IT stakeholders across the company and its diverse ecosystem of affiliates and partners. You will assist with building and operating information security-related services that will protect and preserve the confidentiality, availability and integrity of information systems and data. You will bring a combination of deep technical and business knowledge to improve information security and IT risk in all aspects of the business.
The Information Security Specialist Will
- Provide expertise to business leaders and technology teams by conducting security risk assessments, identifying potential threats and vulnerabilities, and recommending appropriate compensatory measures to allow risk to be managed to acceptable levels.
- Collaborate with information security members to develop and align information security policies and standards with evolving business needs and industry standards (e.g. ISO 27001, NIST CSF) and ensure the ongoing currency of same for all participating companies.
- Recommend security compliance and remediation initiatives for technology, processes, and services (a) to ensure ongoing effectiveness of the information security program, (b) to protect the business from security threats and (c) to ensure compliance with regulatory, key business partner and client requirements.
- Provide leadership and execute security activities that align with business objectives and the defined risk appetite of acquired companies, while ensuring delivery within timeline and budget.
- Continually refine security risk assessment practices to support merger, acquisition, and integration processes
- Act as adviser for company affiliates and partners in their pursuit of aligning to the cyber program and governance structures.
- Maintain up-to-date knowledge related to security threats, vulnerabilities and mitigations set forth to reduce the attack surface; circulate this knowledge through the business units.
To be successful as an Information Security Specialist with People Corporation, you will need:
Experience
- At least 8+ years’ cybersecurity experience (or information technology infrastructure coupled with cybersecurity), with at least 5+ years in security operations
- Familiar with the cybersecurity acquisition due diligence process to assess the target firm’s status regarding regulatory compliance, security policies, and third-party risk.
- Familiar with hands-on experience in IT infrastructure and security technologies (e.g., Firewalls, IPS/IDS, WAF, VPN, SIEM, MXDR, EDR, CASB, SSO, MFA, DLP).
- Working knowledge of techniques, technologies and processes for intrusion prevention and virus detection, firewalls, VPN technologies, authentication, encryption, access control systems, Data Loss Prevention, Certificate services, protocol analysis and database security.
- Understanding of common networking protocols and services and their relevant security issues.
- Understanding of operations system and network security weaknesses, vulnerabilities and remediation.
- Experience securing cloud environments, particularly Azure, M365 and or GCP
- Excellent communication skills and confidence working cross-functionally.
- Strong analytical skills
Education
- Completion of post-secondary education in Information Technology, Computer Science, Information Security or combination of equivalent discipline.
- A current senior professional certification relevant to cybersecurity, or risk management, such as: CISSP, CISM, CRISC, CISA.
- Other beneficial industry certifications or training include GSEC, CCSP, CySA+ or ITIL.
- Knowledge of various security best practices, security principle, standards and frameworks (e.g. NIST, CIS, ISO27001, OWASP).
What's In It For You
- Learn by working alongside our experts
- Extended health care and dental benefits
- A retirement savings plan with company contributions
- A suite of Health & Wellness offerings
- Mental Health programs and support for you and your family
- Assistance for the completion of industry designations
- Competitive compensation
At People Corporation we are committed to helping businesses succeed. We are a national provider of benefits, retirement, wealth, wellness, and human resource solutions. Our experts and solutions serve over 20,000 clients representing nearly 3 million Canadians. We offer customized solutions designed to fit the unique needs of businesses and their employees, members and stakeholders.
Providing an inclusive, accessible environment, where all employees and clients feel valued, respected and supported is something we're committed to. We are dedicated to building a workforce that reflects the diversity of the communities in which we live, and to creating an environment where every employee has the opportunity to reach their potential. If you require an accommodation or an alternative format of any posting please reach out to careers@peoplecorporation.com.
