InfoSec, Governance and Risk Management Advisor
Job Overview
Job title: InfoSec, Governance and Risk Management Advisor
Job description: Our culture lifts you up—there is no ego in the way. Our common purpose? We all want to win for our customers. We aim to always be evolving, dynamic, and ambitious. We believe in the power of genuine connections. Each employee is a part of what makes us unique on the market: agile and dedicated.
Time Type: Regular
Job Description :
SUMMARY OF POSITION:
Reporting to the Manager, Information Security Governance Risk and Compliance, the Advisor will focus on activities related to Data Loss
Prevention (DLP), including communication with various stakeholders, change management and the continuous improvement of the
various monitoring processes and rules.
In relation to the defined policies and standards, this person will also look at situations of non-compliance by following them in the risk
register and ensuring that they are remediated.
MAIN RESPONSIBILITIES:
● Demonstrate discretion and respect the confidentiality of the events handled;
● Analyze cybersecurity events in a “SOAR” and “SIEM” type solution;
● Investigate events in order to establish the source of the information, its context and its severity;
● 50% of work with HR on investigations such as policy violations (e.g. pornography, sensitive information leak);
● Apply and validate event classification to trigger the appropriate response;
● Collaborate with IT and security teams to ensure remediation and any adjustments that may be necessary;
● Follow up on identified events and work with stakeholders (i.e. Managers, HR) across different departments and
Business Units to ensure events are handled and to refine use cases;
● Coaches and influences managers on how to handles data protection and policy non-compliant events;
● Provides direction and training to employees to ensure that they have the knowledge and adequate tools needed
to comply with security policies and standards;
● Lead in the collection, analysis and continual enhancement of data protection program and policy compliance
metrics to measure and visibility to the security posture of Cogeco. Report these metrics to various upper
management committees;
● Lead the development and update of information security documents such as policies, standards, procedures,
training materials, communication and change management plan;
● Identify opportunities for continuous improvement to reduce alerts and fix root causes to help improve human
behavior;
● Be able to address non-compliant events to policies and standards regardless of the individual involved and
remain impartial;
● Keep abreast of trends and technological developments in the field of information security;
● Support management decisions and the strategic security plan;
● Assume all other related tasks, similar to the main characteristics mentioned in this description;
● As part of his work, the incumbent must take the necessary measures to ensure his own health and safety, that of
his colleagues and that of the general public. He/she must use the personal protective equipment made available
to him/her at all times and comply with all health and safety instructions, statements, policies and procedures
issued by the company;
● To support Cogeco’s ultimate goal of providing excellent service to current and potential customers, the
incumbent must constantly listen to and respond to the needs of external and internal customers, contributing
diligently and professionally. to the resolution of any problem or concern by ensuring that the solution meets the
client’s needs.
ESSENTIAL REQUIREMENTS:
ACADEMIC TRAINING
● Background in Computer Science, CIS, Engineering, Business Administration, Cybersecurity, or related field (or equivalent
work experience in a related field).
WORK EXPERIENCE:
● Minimum 4 years experience in information security, IT support or system management;
● Experience in cybersecurity event analysis, DLP or incident response.
TECHNICAL COMPETENCIES:
● Demonstrated experience in managing cloud-based email solutions (Workspace, O365, etc.)
● Experience with information security programs, audits, controls, assessments, risk assessments, or remediation
management (specific to Security Governance, Risk & Compliance role)
● Experience in the use of SIEM ex: Arcsight, Exabeam, Elasticsearch, Splunk
● Proficiency in information security principles and industry standards such as NIST and ISO.
● Current industry standard security certification (Security+, Microsoft, Cisco, CISSP, CISM, etc.) is an asset.
● Understanding of information security practices and policies.
PARTICULAR COMPETENCIES
● Fluency in French and English (spoken and written);
● Be able to propose solutions and initiatives;
● Have a strong capacity for communication, analysis and synthesis;
● Strong problem-solving skills;
● Excellent organizational and communication skills;
● Attention to detail;
● Ability to work under pressure and manage multiple priorities;
● Ability to work independently and in a team environment;
● Have a great intellectual curiosity;
● Excellent ability to write development documents and processes;
● Strong ability to multi-task simultaneously and efficiently in a fast-paced environment.
Location : Montréal, QC
Company : Cogeco Communications Inc.
At Cogeco, we know that different backgrounds, perspectives, and beliefs can bring critical value to our business. The strength of this diversity enhances our ability to imagine, innovate, and grow as a company. So, we are committed to doing everything in our power to create a more diverse and inclusive world of belonging.
By creating a culture where all our colleagues can bring their best selves to work, we’re doing our part to build a more equitable workplace and world. From professional development to personal safety, Cogeco constantly strives to create an environment that welcomes and nurtures all. We make the health and well-being of our colleagues one of our highest priorities, for we know engaged and appreciated employees equate to a better overall experience for our customers.
If you need any accommodations to apply or as part of the recruitment process, please contact us confidentially at
Company: Cogeco
Expected salary:
Location: Montreal, QC
Job date: Mon, 03 Oct 2022 06:20:08 GMT
Job Source: Careerjet.ca