Information Security Advisor (Compliance and Audit)

Sky Systems, Inc - Montréal, QC (30+ days ago)


Montreal, QC, Canada (Initially Remote)
6 to 12 Months + Contract

Someone with an IT/security audit profile, as opposed to a cybersecurity profile, and not very senior.
  • EXPERIENCE IN LARGE-SCALE ENVIRONMENTS
  • 5 years of Information Security Governance
  • Certifications in ITIL, CISM, CISA desirable
  • SOX compliance and audit
  • SOFT SKILLS AND NON-TECHNICAL ABILITIES
  • CLIENT DESCRIPTION
  • The individual is responsible for collaboratively improving and applying the Information Security Management System and SOX compliance frameworks. The role also provides business and technical advice on a wide variety of information security and SOX compliance issues, concerns, and problems. The Advisor makes sure that all business-related functions and supporting landscapes, such as telecommunications, applications, development practices (in-house or by 3rd parties), and asset management, include adequate control measures and comply with these frameworks. The Information Security Advisor is the in-house subject matter expert who diligently assists with the improvement of SOX compliance. A visible internal spokesperson of the Corporate Information Security Unit, he/she is charged with gaining widespread support of, and compliance with, information security requirements and policies.
  • Perform risk assessments and impact assessments on IT General Controls. Report on risks, and update and improve SOX compliance.
  • Partner with IT and security operations in the execution of compliance checks, covering both internal and SOX (and other regulatory) requirements. Establish good working relationships to effectively manage SOX compliance checking and remediation efforts. Handle all aspects of the checking and remediation.
  • Provide users and management with technical support on matters related to SOX compliance, such as the criteria to use when selecting and implementing information security controls. Review and propose enhancements or modifications to the configuration or functionality of information security controls, IT General Controls and other important parts of the information systems infrastructure.
  • Coordinate internal and external auditors' SOX testing activities with IT operation teams and stakeholders
  • Perform compliance tasks and report issues
  • Operate the GRC application (MetricStream)
  • Communicate regularly and report to compliance management team