- Minimmum 6 years of working experience related to information security practices with a minimum of 2 years in GRC domains.
- Excellent understanding & experience of security standards and frameworks such as CSA CCM, NIST CSF, PCI-DSS, SOX and SOC2.
- You will be a key member in the Information Security team to move forward the Governance, Risk and Compliance practice by influencing business leaders across the different teams.
- You will serve as an expert and be a mentor to the information security core team.
- Experience in performing IT risk assessments, vendor risk assessments, audit and operational risk issues management
- Act as a security advocate, supporting business owners’ requests related to security (evaluate policy exception requests, complete third-party security assessment).
- Perform technology security review on application, infrastructure & cloud security.
- Ensure all compliance findings and risk records are tracked and addressed by the involved teams
and stakeholders