Senior Specialist, Information Security Job Description Template
Our company is looking for a Senior Specialist, Information Security to join our team.
Responsibilities:
- Review and analyze complex IT systems identifying risk and security exposures;
- Coordinate audits and IT inspections, managing remediation activities, documentation and reporting;
- Support the Change Management process through change review and approval;
- Produce formal documentation and provide updates as required;
- Support the Security Awareness program developing relevant content for presentation to internal teams;
- Review and maintain IT system security controls to ensure compliance with industry standards, contract requirements and clauses;
- Manage physical access requests through validation and approval processes;
- Produce and maintain business risk reports and impact analysis, developing action plans to minimize risk to the business;
- Manage the secure handling of information and assets in accordance with the Government of Canada Industrial Security Manual (ISM).
Requirements:
- Interpersonal skills;
- Experience of agile methodologies (Scrum, Kanban);
- Knowledge of IT Security Governance Risk and Compliance (GRC) Tools;
- The candidate must hold a valid Government of Canada PWGSC Secret Level II security clearance;
- Ability to influence;
- Collaboration and teamwork;
- Bachelor’s degree in computer science or equivalent;
- Detailed knowledge of IT Security Risk Management, (ITSG-33, ITSG-22) and Privacy Impact Assessments (PIA);
- Detailed knowledge of industry security standards (e.g. ISO, PCI, SOC2);
- Communication skills;
- Detailed Knowledge of the Government of Canada Contract Security Program;
- Customer Orientation;
- Any of the following certifications are considered an asset: ITIL, CISSP, CISM and CISA;
- Leadership;
- Experience assessing security technologies and or services against security and business requirements to enable management to make a decision.