
Director Information & Cyber Security, Risk & Control, and Privacy

Mississauga ON Canada

Full-time position

Job Description

  • Close to or more than 12 years of industry experience working with a financial institution in the same or a similar role
  • Expert in Information Security, with at least one of these certifications (CISM, CISA, CISSP, CCSP), CISM preferred
  • Experience with CSAE 3416 SOC 1 and SOC 2 audit controls assessment process
  • Expert knowledge of Governance, Risk and Control (GRC) practices
  • Expert knowledge of PIPEDA, GDPR and other privacy regulations that apply to financial services
  • Excellent interpersonal, oral and written communication skills
  • Sound understanding of network and cybersecurity defense mechanisms
  • Superior analytical skills; ability to frame key analysis required to address critical business issues
  • Ability to establish conducive working relationships with stakeholders across the organization
  • Team-oriented, collaborative and flexible
  • Ability to address and deliver against multiple and competing deadlines
  • Decisive, positive, get-things-done attitude

Information and Cyber Security:-

Responsibilities:

  • Communicate security requirements as subject matter expert
  • Strong knowledge of and experience working with Cyber and Information Security technologies, to recommend tools that support requirements and continuous improvements
  • Continually assess and align LTIMindtree Canada’s security processes and procedures with the Global Corporate Information Security Manual (CISM)
  • Ensure that physical and logical access controls are appropriate for external audit compliance
  • Create and maintain security process documentation
  • Own the vulnerability management process and track remediation activities for all identified vulnerabilities to closure
  • Own the Security Incident Response process and manage the resolution of all confirmed security incidents through to closure
  • Provide timely responses to client security questionnaires and RFIs
  • Chair monthly cybersecurity dashboard meeting and prepare a monthly Cyber and Information Security metrics presentation for clients
  • Prepare and drive to completion annual employee entitlement reviews
  • Subscribe to and assess threat intelligence alerts for applicability to the organization
  • Document and communicate the standard for third-party vendor due diligence security requirements

Risk and Control:-

Responsibilities:

  • Strong understanding of risk management methodologies
  • Ability to assess risks posed by various security vulnerabilities
  • Lead the organization through annual CSAE 3416 SOC 1 and SOC 2 application audits
  • Own and maintain Business Continuity Plan
  • Maintain the enterprise risk management framework to identify, assess and track Enterprise Risks
  • Schedule, track and report application and infrastructure Vulnerability Assessments and Penetration Testing (VAPT) results
  • Schedule and manage to completion annual cybersecurity awareness training
  • Communicate and maintain security process standards documentation
  • Roll out new or refined process requirements to support continuous improvements pertaining to risk management

Privacy:-

Responsibilities:

  • Serve as Privacy Officer and respond to any privacy concerns / questions raised by staff and clients
  • Maintain the privacy policy to ensure compliance with regulatory changes. Complete compliance gap analysis reports as required
  • Serve as subject matter expert on privacy regulations
  • Review data leak reports to ensure that there are no privacy breaches
Confirmed 12 hours ago. Posted 16 days ago.
