Lead current ISO 27001, SOC 2, and PCI compliance initiatives for systems in Canada, US, and Europe
Spearhead initiatives to identify, investigate, and improve security risks within CBN Operations Global Infrastructure
Design and deliver security strategies, produce architectural models, detailed assessments, and present reports to meet Canada/US and global security requirements
Conduct Risk Assessments within customer systems to quickly assess associated risks, recommend actions, and develop plans for remediation
Take an active role in educating customers, executives, stakeholders, infrastructure personnel, and developers on best practices for security

Requirements

Bachelor's degree in Computer Science, Information Technology or related field or an equivalent combination of relevant education and additional work experience
One (or more) of NIST800-53, ISO27001, SOC2 (Type I and II), FedRamp, StateRamp SANA, ISACA or GIAC is an asset
8+ years of direct experience in a compliance, auditing and/or risk position
3+ years of experience developing/delivering compliance assessments
Experience using structured approaches to risk assessment (e.g. HTRA, TRA, ITSG-33, CSF, FSIR, STAR)
Experience using Unified Compliance Frameworks and GRC tools
Experience with Azure/AWS compliance is an asset
Fluency in English (reading, writing, speaking)

Benefits

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

ISO 27001SOC 2PCI complianceRisk AssessmentsNIST800-53FedRampStateRamp SANAHTRATRAUnified Compliance Frameworks

Soft Skills

leadershipcommunicationeducationstakeholder engagementproblem-solving

Certifications

ISACAGIAC