Senior Security Architect - Compliance Team
Montréal, QC, CA, H3B 1S6 Qu?bec City, QC, CA Montréal, QC, CA Edmonton, AB, CA Toronto, ON, CA Calgary, AB, CA Vancouver, BC, CA Ottawa, ON, CA
Description
Our team and what we’ll accomplish together
We live in a fast-paced cyber-world where protecting information assets and infrastructure is an essential priority for consumers, businesses, and Canada. At TELUS Security, we strive to deliver innovative security solutions with top talent.
Our Corporate Information Security, Public Sector Compliance team is responsible for ensuring TELUS is compliant with the contractually signed security requirements in successful Request For Proposal (RFP) bids. The types of contracts we support pertain to Federal and Provincial governments or other Crown Corporations.
The work of the Public Sector Compliance team directly drives improved security and privacy outcomes to TELUS customers and the communities we serve. Succeeding means improving customer experience with TELUS' services, ensuring our services meet security standards, and helping TELUS avoid costs from redesign or incident response efforts.
What you’ll do
- Analyze requirements and provide tailored advice on RFP contractual terms and cybersecurity best practices across our service portfolio
- Identify relevant stakeholders across the service portfolio who are involved and impacted by RFPs
- Provide specific, proactive recommendations for implementing cybersecurity controls and procedures to relevant internal and external stakeholders
- Help identify, implement, maintain and update critical security controls to strengthen overall security posture for RFP programs
- Lead gap assessment, risk assessments, internal audit, compliance readiness, and compliance monitoring activities
- Set strategic direction for audit readiness, managing compliance programs, driving continuous improvement activities, and delivering metrics
- Document and deliver processes, procedures and playbooks for cybersecurity contractual requirements
- Interface with consultants and auditors, articulating control implementation and impact, and establishing considerations for applying security and compliance concepts to specific contracts
- Communicate compliance program results, including assessment status, workflow, remediation and reporting to a broad audience
- Support delivery of audit milestones to ensure audit timelines stay on target by proactively identifying and coordinating resolution of roadblocks and compliance risk
Qualifications
What you bring
- Bachelor’s degree and/or professional designation specializing in Computer Science, Engineering or Information Security
- Professional security designations, such as CISSP, CCSP or CISM, from recognized security institutes such as SANS, ISC2, and ISACA
- 5 or more years of experience in information security consulting, compliance and/or auditing
- 5 or more years of experience with IT security management (system dumps, logs and/or technical documentation)
- Experience with Microsoft SharePoint and Office suite
- Experience communicating cybersecurity requirements, change requests and reporting to customers
- Experience in one or more of the following domains: IP networking, Cloud computing or Telecommunications
- Strong ability to work within a team environment and self-manage your work in an outcome based approach
- Proficiency in both written and spoken English and French
Great-to-haves
- ITIL knowledge or certification
- Experience with GRC and Compliance Tools
- Workflow automation experience (VBA, Python, GPT or similar)
Advanced knowledge of English is required, because you will, most of the time, interact in English with external parties (clients, suppliers, candidates, external partners, etc.), interact in English with internal parties (colleagues, internal partners, stakeholders, etc.), as part of this position's main responsibilities, given its national scope.